134 matches found
CVE-2010-0700
The CVE-2010-0700 entry describes a remote XSS in WampServer via the lang parameter in index.php (vulnerability in WampServer 2.0i). The root cause is improper sanitization of user-supplied input, allowing arbitrary script code to be executed in the victim’s browser. Exploitation details are not ...
WampServer 2.0i (index.php) Remote Cross Site Scripting Vulnerability
Exploit for unknown platform in category web applications ===================================================================== WampServer 2.0i index.php Remote Cross Site Scripting Vulnerability =====================================================================...
WampServer 2.0i Cross Site Scripting
---------------------------------------------------------------- Title: WampServer 2.0i index.php Remote Cross Site Scripting Vulnerability Summary: WampServer - Apache, PHP, MySQL on Windows Product web page: http://www.wampserver.com Current version: 2.0i Vulnerability discovered by Gjoko...
WampServer 2.0i - lang Cross-Site Scripting
WampServer 2.0i - lang Cross-Site Scripting source: https://www.securityfocus.com/bid/38357/info WampServer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
WampServer 2.0i (index.php) Remote Cross Site Scripting Vulnerability
Summary WampServer - Apache, PHP, MySQL on Windows. Description WampServer is susceptible to cross-site scripting vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. An attacker may leverage any of the cross-site scripting issues to have arbitra...
WampServer 2.0i - 'lang' Cross-Site Scripting
source: https://www.securityfocus.com/bid/38357/info WampServer is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
ProfitCode Shopping Cart Local File Inclusion / Remote File Inclusion
Exploit Title: ProfitCode Shopping Cart Multi Vulnerability LFI/RFI Date: 2010-01-09 Author: Zer0 Thunder Site : http://www.profitcode.net/ - http://profbiz-cart.sourceforge.net/ Software Link: http://sourceforge.net/project/platformdownload.php?groupid=258424 Tested on: Windows XP sp2 WampServer...
ProfitCode Shopping Cart - Multiple Local/Remote File Inclusion Vulnerabilities
Author: Zer0 Thunder Site : http://www.profitcode.net/ - http://profbiz-cart.sourceforge.net/ Tested on: Windows XP sp2 WampServer 2.0i - There are Cople of pages that has the LFI vuln Vuln c0de : dl-authcontent.php $returlvar = "dloads"; include "$docroot" . "tplates/usrauthlogin.php"; exit;...
ProfitCode Shopping Cart Multiple LFI/RFI Vulnerabilities
Exploit for unknown platform in category web applications ========================================================= ProfitCode Shopping Cart Multiple LFI/RFI Vulnerabilities ========================================================= Author: Zer0 Thunder Site : http://www.profitcode.net/ -...
ProfitCode Shopping Cart - Multiple LocalRemote File Inclusion Vulnerabilities
ProfitCode Shopping Cart - Multiple LocalRemote File Inclusion Vulnerabilities Author: Zer0 Thunder Site : http://www.profitcode.net/ - http://profbiz-cart.sourceforge.net/ Tested on: Windows XP sp2 WampServer 2.0i - There are Cople of pages that has the LFI vuln Vuln c0de : dl-authcontent.php...
PHPDirector Game Edition Cross Site Scripting / Local File Inclusion / SQL Injection
Exploit Title: PHPDirector Game Edition Multiple Vulnerabilities LFI/SQLi/Xss Date: 2010-01-05 Author: Zer0 Thunder Site : http://www.play-online.bzh.be/forum/ Software Link: http://www.play-online.bzh.be/forum/download/phpdirectorgameedition.zip Version: v0.1 Tested on: Windows XP sp2 WampServer...
Docebo 3.6.0.2 (stable) - Local File Inclusion
Exploit Title: Docebo 3.6.0.2 stable Local File Inclusion Date: 2010-01-06 Author: Zer0 Thunder Site : http://www.docebolms.org/ Software Link: http://www.docebolms.org/doceboCms/ Version: 3.6.0.2 Tested on: Windows XP sp2 WampServer 2.0i CVE : Code : Exploit :...
Docebo 3.6.0.2 (stable) - Local File Inclusion
Docebo 3.6.0.2 stable - Local File Inclusion Exploit Title: Docebo 3.6.0.2 stable Local File Inclusion Date: 2010-01-06 Author: Zer0 Thunder Site : http://www.docebolms.org/ Software Link: http://www.docebolms.org/doceboCms/ Version: 3.6.0.2 Tested on: Windows XP sp2 WampServer 2.0i CVE : Code :...
PHPDirector Game Edition 0.1 - Local File Inclusion SQL Injection Cross-Site Scripting
PHPDirector Game Edition 0.1 - Local File Inclusion SQL Injection Cross-Site Scripting Exploit Title: PHPDirector Game Edition Multiple Vulnerabilities LFI/SQLi/Xss Date: 2010-01-05 Author: Zer0 Thunder Site : http://www.play-online.bzh.be/forum/ Version: v0.1 Tested on: Windows XP sp2 WampServer...