Lucene search
K

58 matches found

0day.today
0day.today
added 2012/02/22 12:0 a.m.26 views

Limesurvey (PHPSurveyor v.1.91+ stable) Blind SQL Injection

Exploit for php platform in category web applications Exploit Title: LimeSurvey Blind SQL injection Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC ------------------------------------------------------------------------- TorTukiTu - Killing...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2012/02/22 12:0 a.m.14 views

LimeSurvey (PHPSurveyor 1.91+ stable) - Blind SQL Injection

LimeSurvey PHPSurveyor 1.91+ stable - Blind SQL Injection Exploit Title: LimeSurvey Blind SQL injection Date: 20/02/2012 Author: TorTukiTu - OpenSphere Version: 1.91+ build 11804 Tested on: php ckeprotectedCckeprotectedC -------------------------------------------------------------------------...

0.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2011/07/18 12:0 a.m.13 views

Fedora 15 : phpMyAdmin-3.4.3.1-1.fc15 (2011-9132)

Changes for 3.4.3.1 2011-06-07 - PMASA-2011-5 Possible session manipulation in Swekey authentication http://www.phpmyadmin.net/homepage/security/PMASA-2011 -5.php - PMASA-2011-6 Possible code injection in setup script in case session variables are compromised...

5.5AI score
Exploits0References6
Packet Storm
Packet Storm
added 2011/07/08 12:0 a.m.62 views

phpMyAdmin 3.x Remote Code Execution

phpMyAdmin 3.x Multiple Remote Code Executions This post details a few interesting vulnerabilities I found while relaxing and reading the sourcecode of phpMyAdmin. My original advisory can be found here. If you would like me to audit your PHP project, check out Xxor's PHP code auditing service. T...

7.5CVSS0.12879EPSS
Exploits18
phpMyAdmin
phpMyAdmin
added 2011/07/02 12:0 a.m.57 views

Possible code injection in setup script in case session variables are compromised.

PMASA-2011-6 Announcement-ID: PMASA-2011-6 Date: 2011-07-02 Summary Possible code injection in setup script in case session variables are compromised. Description An unsanitized key from the Servers array is written in a comment of the generated config. An attacker can modify this key by modifyin...

7.5CVSS5.8AI score0.09626EPSS
Exploits14Affected Software1
RedHat Linux
RedHat Linux
added 2010/11/29 9:31 p.m.3 views

php: session serializer session data injection vulnerability (MOPS-2010-060)

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

5CVSS5.9AI score0.0219EPSS
Exploits1References4
Cvelist
Cvelist
added 2010/08/20 7:0 p.m.27 views

CVE-2010-3065

The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly handle the PSUNDEFMARKER marker, which allows context-dependent attackers to modify arbitrary session variables via a crafted session variable name...

9.4AI score0.0219EPSS
Exploits1References7
NVD
NVD
added 2009/12/31 7:30 p.m.10 views

CVE-2009-4533

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors...

5CVSS6.7AI score0.01524EPSS
Exploits0References8
Prion
Prion
added 2009/12/31 7:30 p.m.11 views

Code injection

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors...

5CVSS7.2AI score0.01524EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2009/12/31 7:0 p.m.38 views

CVE-2009-4533

CVE-2009-4533 affects the Drupal Webform module (5.x before 5.x-2.8 and 6.x before 6.x-2.8). The underlying issue is that pages containing token placeholders for a default value are not prevented from being cached, which can allow remote attackers to read session variables via unspecified vectors...

5CVSS6.7AI score0.01524EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2009/12/31 7:0 p.m.16 views

CVE-2009-4533

The Webform module 5.x before 5.x-2.8 and 6.x before 6.x-2.8, a module for Drupal, does not prevent caching of a page that contains token placeholders for a default value, which allows remote attackers to read session variables via unspecified vectors...

6.7AI score0.01524EPSS
Exploits0References8
Packet Storm
Packet Storm
added 2009/07/24 12:0 a.m.17 views

Scripteen Free Image Hosting Script 2.3 SQL Injection

=================== Scripteen Free Image Hosting Script v2.3 SQL Injection vulnerable =================== The vulnerable: header.php line 53-62 $userid=$SESSION'userid'; $usergid=$SESSION'usergid'; if !$userid || empty$userid || $userid=="" $userid = $COOKIE'cookid'; if !$usergid || empty$usergid...

0.8AI score
Exploits0
Drupal
Drupal
added 2009/05/27 12:0 a.m.14 views

SA-CONTRIB-2009-031 - Ajax Session - Multiple vulnerabilities

The Ajax session module allows users to set PHP session variables using AJAX. The module does not make proper use of the Drupal API, leaving it open to multiple vulnerabilities, including Cross Site Request Forgeries CSRF and Cross Site Scripting XSS. Versions affected Ajax Session 5.x-1.0 Drupal...

7AI score
Exploits0References4
Exploit DB
Exploit DB
added 2007/02/19 12:0 a.m.22 views

Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure

source: https://www.securityfocus.com/bid/22611/info Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables. An attacker can exploit these issue to obtain sensitive information that may aid in other...

7.4AI score
Exploits0
Prion
Prion
added 2006/02/10 11:2 a.m.25 views

Code injection

desktop.php in eyeOS 0.8.9 and earlier tests for the existence of the SESSION variable before calling the sessionstart function, which allows remote attackers to execute arbitrary PHP code and possibly conduct other attacks by modifying critical assumed-immutable variables, as demonstrated using...

7.5CVSS8.2AI score0.01806EPSS
Exploits0References8Affected Software1
securityvulns
securityvulns
added 2006/01/12 12:0 a.m.27 views

[Full-disclosure] Session data pollution vulnerabilities in web applications

In web applications I've tested recently I have stumbled upon something that seems to be new class of bugs. Quick googling did not turn up any reference to this kind of vulnerabilities, so I thought I should describe it. The problem boils down to the application reusing the same session variable...

7.5AI score
Exploits0
securityvulns
securityvulns
added 2005/07/02 12:0 a.m.32 views

[Full-disclosure] Advisory 05/2005: Cacti Authentification/Addslashes Bypass Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened - PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Cacti Authentification/Addslashes Bypass Vulnerability Release Date: 2005/07/01 Last Modified: 2005/07/01 Author: Stefan Esser [email protected] Application: Cacti =...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.26 views

coldfusion.fixes.txt

Date: Mon, 24 May 1999 15:00:52 -0700 From: [email protected] To: [email protected] Subject: New Allaire Security Zone Bulletins and KB Articles Dear ColdFusion Customer- Several new security issues that may affect ColdFusion customers have come to our attention recently. Please visit the...

7.4AI score
Exploits0
Rows per page
Query Builder