FreeBSD : Remote code injection in phpMyAdmin (142)

The following package needs to be updated: phpMyAdmin %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0d4c31accb9111d88898000d6111a684.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

phpMyAdmin 2.5.7 - Remote code Injection

phpMyAdmin 2.5.7 - Remote code Injection / phpmy-explt.c written by Nasir Simbolon eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploite program. This is a kind of mysql server wrapper acts like a proxy except that it will sends a fake table name, when client query "SHOW...

phpMyAdmin 2.5.7 Remote code injection Exploit

No description provided by source. / phpmy-explt.c written by Nasir Simbolon nasir kecapi com eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploite program. This is a kind of mysql server wrapper acts like a proxy except that it will sends a fake table name, when client...

phpMyAdmin 2.5.7 Remote code injection Exploit

Exploit for unknown platform in category web applications ============================================== phpMyAdmin 2.5.7 Remote code injection Exploit ============================================== / phpmy-explt.c written by Nasir Simbolon eagle kecapi com Jakarta, Indonesia June, 10 2004 A...

phpMyAdmin 2.5.7 - Remote code Injection

/ phpmy-explt.c written by Nasir Simbolon eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploite program. This is a kind of mysql server wrapper acts like a proxy except that it will sends a fake table name, when client query "SHOW TABLES", by replacing the real table name...

Remote code injection in phpMyAdmin

This vulnerability would allow remote user to inject PHP code to be executed by eval function. This vulnerability is only exploitable if variable $cfg'LeftFrameLight' is set to FALSE in file config.inc.php...

security flaw

Cross-site scripting XSS vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using readbody.php...

TikiWiki Project 1.8 - Add Site Multiple Options Remote Code Injections

TikiWiki Project 1.8 - Add Site Multiple Options Remote Code Injections source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as...

TikiWiki Project 1.8 - Add Site Multiple Options Remote Code Injections

source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection,...

CVE-2004-1825

Cross-site scripting XSS vulnerability in index.php in Mambo Open Source 4.5 stable 1.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the 1 return or 2 moschangetemplate parameters...

gallery -- remote code injection via HTTP_POST_VARS

A web server running Gallery can be exploited for arbitrary PHP code execution through the use of a maliciously crafted URL...

CVE-2004-0091

CVE-2004-0091 is an XSS issue in vBulletin’s register.php (unknown versions) exploitable via the reg_site parameter. The vendor disputes the existence of reg_site/reg_site variable in vBulletin 2/3 sources; no concrete exploitation or fix/version details are provided in the connected documents. R...

CVE-2003-1293

Multiple cross-site scripting XSS vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the 1 Name, 2 Email and 3 Message fields when signing the guestbook...

CVE-2003-1227

PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue...

CVE-2003-1420

Cross-site scripting XSS vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header...

[UNIX] Snif Script Cross Site Scripting Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

IdealBB 1.4.9 Beta - HTML Injection

source: https://www.securityfocus.com/bid/8480/info IdealBB is prone to an HTML injection vulnerability. This could permit remote attackers to inject malicious HTML and script code into board messages. The attacker's code may be rendered in the web browser of the user viewing the malicious messag...

Clickcess ChitChat.NET - name Cross-Site Scripting

Clickcess ChitChat.NET - name Cross-Site Scripting source: https://www.securityfocus.com/bid/8417/info It has been reported that a html injection issue exists in the Clickcess ChitChat.NET discussion forum software. The vulnerability is reported to be present in the Name and Topic Title text boxe...

CVE-2003-0320

header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcmsuseradmin parameter to "1" and modifying the adminroot parameter to point to a URL that contains a Trojan horse header.inc.php script...

CVE-2003-0320

CVE-2003-0320 affects ttCMS 2.3 and earlier. The vulnerability allows remote attackers to inject arbitrary PHP code by setting ttcms_user_admin=1 and altering admin_root to point to a URL containing a Trojan horse header.inc.php script. Documented impact indicates possible arbitrary PHP code exec...