536 matches found
PostNuke FormExpress Module - Blind SQL Injection
Date: 17/03/2010 Software Link: http://sourceforge.net/projects/pn-formexpress/ Version: 0.3.2 PostNuke ContentExpress Module Blind Sql Injection Reported by Sharif University of Technology CSIRT Vulnerability Analysis and Penetration Testing Group cert.sharif.edu , nsc.sharif.edu === POC ===...
PHP XML-RPC Arbitrary Code Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'PHP XML-RPC...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: SQL injection...
New SQL Injection vulnerability in PostNuke
Здравствуйте 3APA3A! Сообщаю вам о найденной мною SQL Injection уязвимости в системе PostNuke. В дополнение к ранее найденной SQL Injection в PostNuke http://websecurity.com.ua/3169/. SQL Injection: http://site/modules.php?op=modload&name=AStatic&file=index&sid=-120or20version3E4 Уязвима версия...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. PostNuke: SQL injection...
Zikula / PostNuke Detection (HTTP)
HTTP based detection of Zikula / PostNuke. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.900620...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc. myPHPNuke: SQL injection, crossite scripting. PostNuke: SQL injection...
SQL Injection vulnerability in PostNuke
Здравствуйте 3APA3A! Сообщаю вам о найденной мною ещё 24.08.2008 SQL Injection уязвимости в системе PostNuke. SQL Injection: http://site/modules.php?op=modload&name=News&file=article&sid=-120or20version3E4 Уязвима версия PostNuke 0.7.1 и предыдущие версии и потенциально следующие версии...
CVE-2009-0728
SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...
Sql injection
SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...
CVE-2009-0728
SQL injection vulnerability in the MyeGallery module for MAXdev MDPro MD-Pro and Postnuke allows remote attackers to execute arbitrary SQL commands via the pid parameter in a showpic action to index.php...
CVE-2009-0728
The CVE-2009-0728 issue affects MAXdev MDPro (MD-Pro) with the My_eGallery module. The root cause is improper input filtering of the pid parameter in index.php when module=My_eGallery and do=showpic, enabling a remote SQL injection that can execute arbitrary SQL commands. Exploitation details are...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. VID f3eec2b5-8cd8-11d9-8066-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. VID 7e580822-8cd8-11d9-8c81-000a95bc6fae OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. VID 0274a9f1-0759-11da-bc08-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. VID 35f2679f-52d7-11db-8f1a-000a48049292 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: postnuke
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...