Lucene search
K

536 matches found

Exploit DB
Exploit DB
added 2010/03/17 12:0 a.m.36 views

PostNuke FormExpress Module - Blind SQL Injection

Date: 17/03/2010 Software Link: http://sourceforge.net/projects/pn-formexpress/ Version: 0.3.2 PostNuke ContentExpress Module Blind Sql Injection Reported by Sharif University of Technology CSIRT Vulnerability Analysis and Penetration Testing Group cert.sharif.edu , nsc.sharif.edu === POC ===...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2009/10/30 12:0 a.m.112 views

PHP XML-RPC Arbitrary Code Execution

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'PHP XML-RPC...

7.5CVSS0.4AI score0.79071EPSS
Exploits5
securityvulns
securityvulns
added 2009/08/31 12:0 a.m.37 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: SQL injection...

6.8CVSS1.6AI score0.01517EPSS
Exploits1References1Affected Software1
securityvulns
securityvulns
added 2009/08/28 12:0 a.m.30 views

New SQL Injection vulnerability in PostNuke

Здравствуйте 3APA3A! Сообщаю вам о найденной мною SQL Injection уязвимости в системе PostNuke. В дополнение к ранее найденной SQL Injection в PostNuke http://websecurity.com.ua/3169/. SQL Injection: http://site/modules.php?op=modload&name=AStatic&file=index&sid=-120or20version3E4 Уязвима версия...

Exploits0
securityvulns
securityvulns
added 2009/08/28 12:0 a.m.39 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: SQL injection...

1.6AI score
Exploits0References2Affected Software2
OpenVAS
OpenVAS
added 2009/06/02 12:0 a.m.14 views

Zikula / PostNuke Detection (HTTP)

HTTP based detection of Zikula / PostNuke. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.900620...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/05/25 12:0 a.m.34 views

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: SQL injection, crossite scripting. PostNuke: SQL injection...

1.5AI score
Exploits0References7Affected Software5
securityvulns
securityvulns
added 2009/05/25 12:0 a.m.34 views

SQL Injection vulnerability in PostNuke

Здравствуйте 3APA3A! Сообщаю вам о найденной мною ещё 24.08.2008 SQL Injection уязвимости в системе PostNuke. SQL Injection: http://site/modules.php?op=modload&name=News&file=article&sid=-120or20version3E4 Уязвима версия PostNuke 0.7.1 и предыдущие версии и потенциально следующие версии...

0.2AI score
Exploits0
NVD
NVD
added 2009/02/24 11:30 p.m.19 views

CVE-2009-0728

SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...

7.5CVSS8.4AI score0.0095EPSS
Exploits2References2
Prion
Prion
added 2009/02/24 11:30 p.m.23 views

Sql injection

SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...

7.5CVSS9AI score0.0095EPSS
Exploits2References2
Cvelist
Cvelist
added 2009/02/24 11:0 p.m.26 views

CVE-2009-0728

SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...

8.4AI score0.0095EPSS
Exploits2References2
CVE
CVE
added 2009/02/24 11:0 p.m.60 views

CVE-2009-0728

The CVE-2009-0728 issue affects MAXdev MDPro (MD-Pro) with the My_eGallery module. The root cause is improper input filtering of the pid parameter in index.php when module=My_eGallery and do=showpic, enabling a remote SQL injection that can execute arbitrary SQL commands. Exploitation details are...

7.5CVSS8.7AI score0.0095EPSS
Exploits2References2Affected Software1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.23 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. VID f3eec2b5-8cd8-11d9-8066-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.2AI score0.01198EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.24 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. VID 7e580822-8cd8-11d9-8c81-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

4.3CVSS6.7AI score0.01164EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.53 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. VID 0274a9f1-0759-11da-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.1AI score0.79071EPSS
Exploits6
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.19 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. VID 35f2679f-52d7-11db-8f1a-000a48049292 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

7.5CVSS0.01351EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.11 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.1AI score0.01351EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.21 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS7.1AI score0.01164EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.11 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS7.1AI score0.01198EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.20 views

FreeBSD Ports: postnuke

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.5CVSS6.5AI score0.79071EPSS
Exploits6References5
Rows per page
Query Builder