CVE-2009-4851

The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative approval via a request involving activate.php...

CVE-2024-9318

A vulnerability, which was classified as critical, has been found in SourceCodester Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/activate.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

Online Class and Exam Scheduling System activate.php File SQL Injection Vulnerability

Online Class and Exam Scheduling System is an online class and exam scheduling system. The Online Class and Exam Scheduling System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter id of /pages/activate.php. An...

PT-2025-11549 · Unknown · Code-Projects Online Class/Exam Scheduling System

Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /pages/activate.php. The manipulation of the id argument leads to SQL injection...

CVE-2024-9318 SourceCodester Advocate Office Management System activate.php sql injection

A vulnerability, which was classified as critical, has been found in SourceCodester Advocate Office Management System 1.0. Affected by this issue is some unknown functionality of the file /control/activate.php. The manipulation of the argument id leads to sql injection. The attack may be launched...

PT-2024-39567 · Sourcecodester · Sourcecodester Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Advocate Office Management System version 1.0 Description: A critical issue has been found in the system, affecting some unknown functionality of the file /control/activate.php. The manipulation of the id argument leads to SQL...

PT-2022-26010 · WordPress · Contest Gallery Pro +1

Name of the Vulnerable Software and Affected Versions: Contest Gallery WordPress plugin versions prior to 19.1.5.1 Contest Gallery Pro WordPress plugin versions prior to 19.1.5.1 Description: The issue allows malicious users with at least author privilege to leak sensitive information from the...

powermovielist 0.14b (sql/xss) Multiple Vulnerabilities

No description provided by source. =============================================================================================== Found : brainpillow Dork : PowerMovieList 0.14 Beta Copyright Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

Cyclope Employee Surveillance Solution Local File Inclusion Vulnerability

This host is running Cyclope Employee Surveillance Solution and is prone to local file inclusion vulnerability. OpenVAS Vulnerability Test $Id: gbcyclopeemployeesurveillancelfivuln.nasl 7577 2017-10-26 10:41:56Z cfischer $ Cyclope Employee Surveillance Solution Local File Inclusion Vulnerability...

CVE-2009-4851

The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative approval via a request involving activate.php...

CVE-2009-2164

Multiple SQL injection vulnerabilities in Kjtechforce mailman beta1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via 1 the code parameter to activate.php or 2 the dest parameter to index.php...

Kjtechforce mailman b1 - Delete Row code SQL Injection

Kjtechforce mailman b1 - Delete Row code SQL Injection || || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ ¡VIVA SPAIN!...¡GANAREMOS EL MUNDIAL!...o.O ¡PROUD TO BE SPANISH!...

Kjtechforce Mailman Beta-1 SQL Injection

|| || || -----------------------------------------\ == -- ----------- ---------------------------- ------------------/ WEB: http://sourceforge.net/projects/kjtechforce/ | |--DOWNLOAD: http://sourceforge.net/projects/kjtechforce/ | |--...

PowerMovieList 0.14b XSS / SQL Injection

=============================================================================================== Found : brainpillow Dork : "PowerMovieList 0.14 Beta Copyright" Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...

Sql injection

SQL injection vulnerability in activate.php in TutorialCMS aka Photoshop Tutorials 1.02, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter...

CVE-2008-0254

SQL injection vulnerability in activate.php in TutorialCMS aka Photoshop Tutorials 1.02, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the userName parameter...

TutorialCMS 1.02 (userName) Remote SQL Injection Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = 'SSV-7841' vul ID version = '1' author = 'hh' vulDate = '2008-01-12' createDate =...

tutorialcms102-sql.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- TutorialCMS 1.02 Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x contact: ka0x01atgmail.com D.O.M TEAM 2008 we are: ka0x, an0de, xarnuz from spain download...

TutorialCMS 1.02 - Username SQL Injection

TutorialCMS 1.02 - Username SQL Injection -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- TutorialCMS 1.02 Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x contact: ka0x01atgmail.com D.O.M TEAM 2008 we are: ka0x, an0de, xarnuz from...

CVE-2006-6360

The CVE-2006-6360 vulnerability affects PHP Upload Center 2.0: activate.php accepts a footerpage parameter that can be controlled by an attacker to include a remote PHP file, enabling arbitrary code execution. It is a networked issue with low access complexity and no authentication, leading to po...