2982 matches found
CVE-2008-5784
CVE-2008-5784 affects V3 Chat – Profiles/Dating Script 3.0.2. The root cause is an authentication bypass: setting the admin cookie to 1 grants remote attackers administrative access. Impact is described as remote authentication bypass with full admin privileges (per the sources). There is no expl...
Pro Chat Rooms 3.0.2 XSS / XSRF
Pro Chat Rooms Version 3.0.2 XSS/CSRF Vulnerabilties AUTHOR : ZynbER MAiL : ZynbERatGmaildotcom HOME : NoWhere Script WebSite : http://www.prochatrooms.com Version : Pro Chat Rooms Version 3.0.2 EXPLOITS : -==XSS==- http://www.yoursite.com/path/profiles/index.php?gud=XSSED Vulnerable code in...
Sql injection
SQL injection vulnerability in Pro Chat Rooms 3.0.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the gud parameter to 1 profiles/index.php and 2 profiles/admin.php...
v3chatprofiles-insecure.txt
V3 Chat - Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability + Discovered By : Mountassif Moad + Greetz : All my freind Exploit: javascript:document.cookie = "admin=1; path=/";...
V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln
No description provided by source. + V3 Chat - Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability + Discovered By : Mountassif Moad + Greetz : All my freind Exploit: javascript:document.cookie = "admin=1; path=/";...
V3 Chat Profiles/Dating Script 3.0.2 (Auth Bypass) SQL Injection Vuln
No description provided by source. V3 Chat - Profiles/Dating Script v3.0.2 Auth Bypass Vulnerability ----------------------------------------------------------------- Discovered By: d3b4g contact: bl4ckendatgmaildotcom Risk: High -------------------------------------------------------------------...
V3 Chat ProfilesDating Script 3.0.2 - Insecure Cookie Handling
V3 Chat ProfilesDating Script 3.0.2 - Insecure Cookie Handling + V3 Chat - Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability + Discovered By : Mountassif Moad + Greetz : All my freind Exploit: javascript:document.cookie = "admin=1; path=/"; milw0rm.com 2008-11-08...
V3 Chat ProfilesDating Script 3.0.2 - Authentication Bypass
V3 Chat ProfilesDating Script 3.0.2 - Authentication Bypass V3 Chat - Profiles/Dating Script v3.0.2 Auth Bypass Vulnerability ----------------------------------------------------------------- Discovered By: d3b4g contact: bl4ckendatgmaildotcom Risk: High...
V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln
Exploit for unknown platform in category web applications ==================================================================== V3 Chat - Profiles/Dating Script 3.0.2 Insecure Cookie Handling Vuln ==================================================================== + V3 Chat - Profiles/Dating Scri...
V3 Chat Profiles/Dating Script 3.0.2 - Authentication Bypass
V3 Chat - Profiles/Dating Script v3.0.2 Auth Bypass Vulnerability ----------------------------------------------------------------- Discovered By: d3b4g contact: bl4ckendatgmaildotcom Risk: High --------------------------------------------------------------------- Exploit: USe this information to...
V3 Chat Profiles/Dating Script 3.0.2 - Insecure Cookie Handling
V3 Chat - Profiles/Dating Script v3.0.2 Insecure Cookie Handling Vulnerability + Discovered By : Mountassif Moad + Greetz : All my freind Exploit: javascript:document.cookie = "admin=1; path=/"; milw0rm.com 2008-11-08...
CVE-2008-4805
Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the community title, 2 API input, and vectors related to the 3 Homepage, 4 Blogs, 5 Profiles, 6 Dogear, 7 Activities, and 8 Global Search...
CVE-2008-4809
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Information disclosure
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in IBM Lotus Connections 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the community title, 2 API input, and vectors related to the 3 Homepage, 4 Blogs, 5 Profiles, 6 Dogear, 7 Activities, and 8 Global Search...
CVE-2008-4809
Multiple unspecified vulnerabilities in the Profiles search pages in IBM Lotus Connections 2.x before 2.0.1 have unknown impact and attack vectors related to "Active" content. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-4809
Technical details for CVE-2008-4809 are not publicly available in the provided documents. No concrete affected products/versions or exploits are listed. Monitor for updates.
e107-sql.txt
e107 Plugin alternateprofiles newuser.php?id Remote SQL-injetion Vulnerability Author boom3rang -------------------------------- Site www.khg-crew.ws -------------------------------- Greetz KHG & H!tm@N & chs & redc00de & proxy-ki11er & Hurley -------------------------------- ! Script Name: E107 ...
Code injection
PhpWebGallery 1.7.0 and 1.7.1 allows remote authenticated users with advisor privileges to obtain the real e-mail addresses of other users by editing the user's profile...
MS Internet Explorer / MSN ICC Profiles Crash PoC Exploit
No description provided by source. /-----------------------------edwardgagnon--------------/ Can crash msn and execute commands Windows has a buffer overflow vulnerability in the processing of embedded ICC Profiles inside images jpeg, tiff, etc... To test - create a jpeg in adobe photoshop and sa...