Lucene search
K

963 matches found

0day.today
0day.today
added 2009/10/23 12:0 a.m.50 views

Vivvo CMS 4.1.5.1 file disclosure

Exploit for unknown platform in category web applications ================================= Vivvo CMS 4.1.5.1 file disclosure ================================= Description of vulnerable software: Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/09/01 12:0 a.m.15 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 - addon primequickstyle GetAdmin phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/09/01 12:0 a.m.23 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

No description provided by source. phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/09/01 12:0 a.m.19 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

Exploit for unknown platform in category web applications ===================================================== phpBB3 addon primequickstyle GetAdmin Vulnerability ===================================================== phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/01 12:0 a.m.57 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login, go to "./ucp.php" and manipulate...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/04/14 12:0 a.m.14 views

Dust on the network enterprise website management system vulnerability-vulnerability warning-the black bar safety net

company. asp a get way to get the variable id's value is only filtered spaces and judgment Whether the value is empty contains an anti-note only the filter get way to pass the incoming parameter value company. asp it is request. querystring"id" that is not using the post And cookie injection but...

7.3AI score
Exploits0
CVE
CVE
added 2009/02/18 5:0 p.m.42 views

CVE-2009-0643

CVE-2009-0643 describes a static code injection in Simple PHP News 1.0 final. An attacker can inject arbitrary PHP code into news.txt via the post parameter and then trigger execution by requesting display.php, indicating a combination of unsafeguarded input handling and file-based code execution...

5.1CVSS7.6AI score0.04811EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2008/10/21 1:18 a.m.1 views

CVE-2008-4632

Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magicquotesgpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. dot dot in the 1 post and 2 doc parameters...

6.8CVSS6AI score0.01929EPSS
Exploits0References5
0day.today
0day.today
added 2008/10/16 12:0 a.m.13 views

Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== Kure 0.6.3 index.php post,doc Local File Inclusion Vulnerability ================================================================== Kure 0.6.3 index.php post,doc Local File...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2008/06/23 5:41 p.m.2 views

CVE-2008-2823

SQL injection vulnerability in newsarchive.php in PHPeasyblog formerly phpeasynews 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...

7.5CVSS6.4AI score0.00967EPSS
Exploits1References4
Prion
Prion
added 2008/06/06 6:32 p.m.18 views

Sql injection

SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter...

7.5CVSS9.1AI score0.0101EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2008/03/25 12:0 a.m.48 views

BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting

Digital Security Research Group DSecRG Advisory DSECRG-08-022 Application: BolinOS Versions Affected: 4.6.1 Vendor URL: http://www.bolinos.com Bugs: Local File Include,Multiple XSS, System information disclosure Exploits: YES Reported: 13.03.2008 Second report: 18.03.2008 Vendor response: none...

7.4AI score
Exploits0
Prion
Prion
added 2007/09/17 5:17 p.m.13 views

Sql injection

SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php...

7.5CVSS9.1AI score0.01622EPSS
Exploits1References8Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/03 7:19 p.m.22 views

CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS5.9AI score0.07315EPSS
Exploits1References1
OSV
OSV
added 2007/03/03 7:19 p.m.3 views

DEBIAN-CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS6.2AI score0.07315EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2007/03/03 7:0 p.m.29 views

CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS6.7AI score0.07315EPSS
Exploits1
securityvulns
securityvulns
added 2007/02/02 12:0 a.m.70 views

[Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1 # 2

·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...

1.4AI score
Exploits0
NVD
NVD
added 2006/12/27 11:28 p.m.15 views

CVE-2006-6773

pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...

7.5CVSS6.8AI score0.02426EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2006/10/14 12:0 a.m.23 views

NoahsClassifieds.txt

Noah's Classifieds is prone to a Cross Site Scripting Vulnerability, due to a failure in the application to properly sanitize the "frommethod" POST parameter in "index.php" : alert'XSS Vulnerable';" Advisory: http://zone14.free.fr/advisories/5/ --Raphael HUCK...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/10/12 12:0 a.m.85 views

Noah's Classifieds Cross Site Scripting Vulnerability

Noah's Classifieds is prone to a Cross Site Scripting Vulnerability, due to a failure in the application to properly sanitize the "frommethod" POST parameter in "index.php" : html body form method="POST" enctype="multipart/form-data" action="http://www.example.com/classifieds/index.php" input...

0.2AI score
Exploits0
Rows per page
Query Builder