1673 matches found
Unfixed XSS vulnerability at www.salafestival.com
Security researcher X3R0 submitted on 15/10/2010 a cross-site scripting (XSS) vulnerability affecting www.salafestival.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is currently...
Entrans 0.3.2 Cross Site Scripting / SQL Injection
Vulnerability ID: HTB22606 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinentrans.html Product: Entrans Vendor: Khader Abbeb N http://sourceforge.net/projects/entrans/ Vulnerable Version: 0.3.2 and Probably Prior Versions Vendor Notification: ...
Unfixed XSS vulnerability at www.veronikazemanova.ic.cz
Security researcher Sony submitted on 09/07/2010 a cross-site scripting (XSS) vulnerability affecting www.veronikazemanova.ic.cz, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 28/12/2011. It is...
A-Blog v2.0 (sources/search.php) SQL Injection Exploit
Exploit for python platform in category web applications. A-Blog v2.0 sources/search.php SQL Injection Exploit. #!/usr/bin/python Exploit Title: A-Blog v2.0 sources/search.php SQL Injection...
A-Blog 2.0 - sources/search.php SQL Injection
A-Blog 2.0 - sources/search.php SQL Injection #!/usr/bin/python Exploit Title: A-Blog v2.0 sources/search.php SQL Injection Exploit Date : 05 September 2010 Author : Ptrace Security Gianni Gnesa gnix Contact : researchatptrace-securitydotcom Software Link: http://sourceforge.net/projects/a-blog/...
A-Blog 2.0 - '/sources/search.php' SQL Injection
#!/usr/bin/python Exploit Title: A-Blog v2.0 sources/search.php SQL Injection Exploit Date : 05 September 2010 Author : Ptrace Security Gianni Gnesa gnix Contact : researchatptrace-securitydotcom Software Link: http://sourceforge.net/projects/a-blog/ Version : 2.0 Tested on : EasyPHP 5.3.1.0 for...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Accessories Me PHP Affiliate Script 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) Keywords parameter to search.php and (2) SearchIndex parameter to browse.php...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Silurus Classifieds 1.0 allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) category.php and (2) wcategory.php, and the (3) keywords parameter to search.php...
CVE-2009-4983
Multiple cross-site scripting (XSS) vulnerabilities in Silurus Classifieds 1.0 allow remote attackers to inject arbitrary web script or HTML via the ID parameter to (1) category.php and (2) wcategory.php, and the (3) keywords parameter to search.php...
Gazelle CMS - Multiple Vulnerabilities
Gazelle CMS - Multiple Vulnerabilities Exploit Title: AnantaGazelle Local File inclusion / Xss Vulnerabilities Date: 23/08/2010 Author: Sweet Contact : [email protected] Software Link: www.anantasoft.com Download:http://www.anantasoft.com/index.php?Gazelle%20CMS/Download Version: AnantaGazelle1...
Webedition 6.0.0.8 (Search.php) Denial of Service
Exploit for php platform in category web applications. Webedition 6.0.0.8 Search.php Denial of Service Vulnerability...
Unfixed XSS vulnerability at deel.xia.jp
Security researcher pimpim submitted on 08/07/2010 a cross-site scripting (XSS) vulnerability affecting deel.xia.jp, which at the time of submission ranked 4628431 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/07/2010. It is currently...
MyPHP Forum SQL injection vulnerability - vulnerability warning - the black bar safety net
Affected system: MyPHP.ws MyPHP Forum v3.0 Final. Description: BUGTRAQ ID: 27118. MyPHP Forum is an easy-to-set-up, easy-to-use forum based on PHP and MySQL. MyPHP Forum has an input validation vulnerability in the way it processes user request data; a remote attacker could exploit this...
Unfixed XSS vulnerability at www.comes.com.pl
Security researcher cbr submitted on 25/07/2010 a cross-site scripting (XSS) vulnerability affecting www.comes.com.pl, which at the time of submission ranked 1117472 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is currently...
Pligg 'search.php' Cross Site Scripting Vulnerability
Pligg is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal...
ecshop shop system is a variant of the invasion-bug warning-the black bar safety net
EXP variants of code:search. php? encode=YToxOntzOjQ6ImF0dHIiO2E6MTp7czoxmju6ijenksbhbmqgmt0yiedst1vqiejzigdvb2rzx2lkihvuaw9uigfsbcbzzwxly3qgy29uy2f0khvzzxjfbmftzswwednhlhbhc3n3b3jklccixccpihvuaw9uihnlbgvjdcaxiyinkswxigzyb20gzwnzx2fkbwlux3vzzxijijtzoje6ijeio319 For example: http://www.. com/searc...
E-Book Store - SQL Injection
E-Book Store - SQL Injection. 0x1 General Information: Advisory/Exploit Title = E-Book Store SQL Injection Vulnerability Author = Valentin Hoebel Contact = [email protected] 0x2...
E-Book Store - SQL Injection
0x1 General Information: Advisory/Exploit Title = E-Book Store SQL Injection Vulnerability Author = Valentin Hoebel Contact = [email protected] 0x2...
EasyCarportal Xss / Sql Injection Vulnerability
Exploit for php platform in category web applications. EasyCarportal Xss / Sql Injection Vulnerability ...
CVE-2010-2042
SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitrary SQL commands via the encode parameter. NOTE: some of these details are obtained from third party information...