1341 matches found
exoops-sql.txt
E-xoops multiple variable/scripts SQL injection vendor url: http://www.e-xoops.com Advisory: http://lostmon.blogspot.com/2007/12/e-xoops-multiple-variablescripts-sql.html vendor notify: NO exploits available: YES E-xoops is a content-community management system written in PHP-MySQL. E-xoops contain...
E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
E-Xoops 1.0.5/1.0.8 - '/adresses/ratefile.php?lid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/adresses/ratefile.php?lid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
E-Xoops 1.0.5/1.0.8 - '/mydownloads/ratefile.php?lid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/mydownloads/ratefile.php?lid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues coul...
E-Xoops 1.0.5/1.0.8 - '/mylinks/ratelink.php?lid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/mylinks/ratelink.php?lid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues coul...
E-Xoops 1.0.5/1.0.8 - '/mysections/ratefile.php?lid' SQL Injection
E-Xoops 1.0.5/1.0.8 - '/mysections/ratefile.php?lid' SQL Injection source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could...
E-Xoops 1.0.5/1.0.8 - '/myalbum/ratephoto.php?lid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/modules/banners/click.php?bid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/mydownloads/ratefile.php?lid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/mylinks/ratelink.php?lid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/modules/arcade/index.php?gid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/adresses/ratefile.php?lid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
E-Xoops 1.0.5/1.0.8 - '/mysections/ratefile.php?lid' SQL Injection
source: https://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or...
RunCMS <= 1.6 Local File Inclusion Vulnerability
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: RunCms Multiple Vulnerabilities Vendor: http://www.runcms.org/ Bugs: Local File Inclusion, Modules Authorization Weakness Vulnerable Version: RunCMS 1.6 Halloween, 1.5.x prior versio...
RunCMS <= 1.6 Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================ RunCMS Local File Inclusion Remote Code Execution Code Snippet: /include/common.php line131-143 // :: Register Globals Compatibility :: $globalstest = @ini...
bcoos 1.0.10 (LFI / SQL Injection) Multiple Remote Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: Bcoos Multiple Vulnerabilities Vendor: http://www.bcoos.net/ Bugs: Local File Inclusion, Sql Injection Vulnerable Version: bcoos 1.0.10 prior versions also may be affected...
CVE-2004-2756
Cross-site scripting (XSS) vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters...
CVE-2004-2756
CVE-2004-2756 is a Cross-site Scripting (XSS) vulnerability in XOOPS. The flaw affects viewtopic.php in XOOPS 2.x (possibly up to 2.0.5) and allows remote attackers to inject arbitrary web script or HTML via the (1) forum and (2) topic_id parameters. Root cause identified in multiple sources as i...