EUVD-2007-3526

Malware in sbrugna...

EUVD-2009-4663

Malware in sbrugna...

CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

CVE-2018-5689

Cross-site scripting XSS vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email...

CVE-2009-4699

Multiple cross-site scripting XSS vulnerabilities in SkaDate Dating allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 admin/auth.php and 2 fileuploader.php...

CVE-2008-5880

CVE-2008-5880 affects Gobbl CMS 1.0. The issue is an authentication bypass in admin/auth.php, where setting the auth cookie to "ok" grants administrative access. This is a cookie‑level bypass that can let remote attackers obtain admin privileges without valid credentials. The provided documents i...

Gobbl CMS 1.0 Insecure Cookie Handling

--------------------------- Gobbl Cms 1.0 I.Cookie Hand. --------------------------- Autore: x0r Evolution Team Email: [email protected] Demo Site:http://www.gobbl.net/ --------------------------- Bug In: \admin\auth.php ? include '../config.php'; $user = $POST'user'; $pass = $POST'pass'; if...

Gobbl CMS 1.0 Insecure Cookie Handling Vulnerability

No description provided by source. --------------------------- Gobbl Cms 1.0 I.Cookie Hand. --------------------------- Autore: x0r Evolution Team Email: [email protected] Demo Site:http://www.gobbl.net/ --------------------------- Bug In: \admin\auth.php ? include '../config.php'; $user =...

Gobbl CMS 1.0 - Insecure Cookie Handling

--------------------------- Gobbl Cms 1.0 I.Cookie Hand. --------------------------- Autore: x0r Evolution Team Email: [email protected] Demo Site:http://www.gobbl.net/ --------------------------- Bug In: \admin\auth.php ? include '../config.php'; $user = $POST'user'; $pass = $POST'pass'; if...

Gobbl CMS 1.0 - Insecure Cookie Handling

Gobbl CMS 1.0 - Insecure Cookie Handling --------------------------- Gobbl Cms 1.0 I.Cookie Hand. --------------------------- Autore: x0r Evolution Team Email: [email protected] Demo Site:http://www.gobbl.net/ --------------------------- Bug In: \admin\auth.php ? include '../config.php'; $user...

CVE-2008-4162

Open redirect vulnerability in admin/auth.php in NooMS 1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the gsiteurl parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in admin/auth.php in Pluxml 0.3.1 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...

CVE-2007-3542

CVE-2007-3542 is a cross-site scripting (XSS) vulnerability in Pluxml 0.3.1, located in admin/auth.php, exploitable by supplying a crafted msg parameter. The NVD entry lists a MEDIUM risk (CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N, base score 4.3) with no authentication required and no impact on confide...

CVE-2007-3542

Removed by vendor...

EternalMart Guestbook 1.10 - adminauth.php Remote File Inclusion

EternalMart Guestbook 1.10 - adminauth.php Remote File Inclusion EternalMart Guestbook 1.1.0 emgbadminpath Remote File Include +class : Remote File Include Vulnerability +Author : mdx +Files : +admin/auth.php? +code : + + include"$emgbadminpath/authfunc.php"; + + download link :...