3009 matches found
Feed on Feeds 0.5 - Remote PHP Code Injection
strtolower$b"'.$key.'" ? -1 : 1;'; 1096. 1097. else 1098. 1099. $compare = createfunction'$a,$b','if strtolower$a"'.$key.'" == strtolower$b"'.$key.'" return 0;else return strtolower$a"'.$key.'" strtolower$b"'.$key.'" ? -1 : 1;'; 1100. 1101. 1102. usort$tab,$compare ; 1103. return $tab ; 1104. The...
Feed on Feeds <= 0.5 Remote PHP Code Injection Exploit
Exploit for php platform in category web applications strtolower$b"'.$key.'" ? -1 : 1;'; 1096. 1097. else 1098. 1099. $compare = createfunction'$a,$b','if strtolower$a"'.$key.'" == strtolower$b"'.$key.'" return 0;else return strtolower$a"'.$key.'" strtolower$b"'.$key.'" ? -1 : 1;'; 1100. 1101...
CVE-2010-4850
CVE-2010-4850 affects Diferior 8.03, with multiple XSS vulnerabilities in post_content (post/edit/2/p1.html), slogan (admin/site/2.html), and subcatname/description (admin/forum/create_sub.html). Root cause is insufficient input sanitization, allowing remote attackers to inject arbitrary script/H...
CVE-2011-2932
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
DEBIAN-CVE-2011-2506
setup/lib/ConfigGenerator.class.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the $_SESSION superglobal...
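phpMyAdmin Prior to 3.3.10.2 and 3.4.3.1 Multiple Remote Vulnerabilities
phpMyAdmin is prone to multiple remote vulnerabilities, including PHP code execution and local file inclusion vulnerabilities. Successful attacks may compromise the affected application and possibly the underlying computer. phpMyAdmin versions 3.3.10.2 and 3.4.3.1 are vulnerable. Typo3 phpMyAdmin 4.11.1; phpMyAdmin phpMyAdmin 3.4.3; phpMyAdmin phpMyAdmin 3.3.8; phpMyAdmin phpMyAdmin 3.3.7; phpMyAdmin phpMyAdmin 3.3.6; phpMyAdmin phpMyAdmin 3.4.1; phpMyAdmin phpMyAdmin 3.3.9....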
phpMyAdmin 3.x - Swekey Remote Code Injection
phpMyAdmin 3.x Swekey Remote Code Injection Exploit
Exploit for php platform in category web applications
phpMyAdmin 3.x Swekey Remote Code Injection Exploit
No description provided by source. ?php / Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit Date: 2011-07-09 Author: Mango of ha.xxor.se Version: phpMyAdmin 3.3.10.2 || phpMyAdmin 3.4.3.1 CVE : CVE-2011-2505, CVE-2011-2506 Advisory:...
CVE-2011-2626
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element...
CVE-2011-1815
CVE-2011-1815 affects Google Chrome (pre-12.0.742.91). The vulnerability allows remote attackers to inject script into a tab page via vectors related to extensions, specifically extension script injection into new tab page. The issue is tied to Chrome’s extension framework and is mitigated by upd...
Cross site scripting
Cross-site scripting (XSS) vulnerability in HP Proliant Support Pack (PSP) before 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-1714
Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the callback parameter...
CVE-2011-1524
CVE-2011-1524 is an XSS vulnerability in the Symantec LiveUpdate Administrator (LUA) management login GUI prior to version 2.3. The issue allows remote attackers to inject arbitrary script via the username field, demonstrated by inserting an IFRAME into the event log. Affected component is the LU...
CVE-2010-3274
Affected product/version: ManageEngine ADSelfService Plus (Zoho) prior to 4.5 Build 4500. Vulnerability type: Cross‑site scripting (XSS) in EmployeeSearch.cc, affecting the search functionality; exploits reflect user input back to the page. Impact/reason: Remote attackers can inject arbitrary scr...
CVE-2011-0446
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value...
Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection
source: https://www.securityfocus.com/bid/46366/info Smarty Template Engine is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the webserver process. This may facilitate a compromise of the applicati...
CVE-2011-0526
CVE-2011-0526 is a documented XSS in Vanilla Forums prior to 2.0.17. An attacker could inject arbitrary script/HTML via the Target parameter in the /entry/signin action (index.php). The Red Hat and NVD entries confirm the affected product and vector, with no exploitation details provided in the s...