Article Friendly Cross Site Request Forgery

======================================================================= Article friendly CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratu...

Article Friendly Local File Inclusion

======================================================================= Article friendly Insecure direct object Referece Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company...

Softbiz Jobs Cross Site Request Forgery

======================================================================= Softbiz Jobs CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul...

Article Friendly - Cross-Site Request Forgery

======================================================================= Article friendly CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratu...

Article Friendly - Cross-Site Request Forgery

Article Friendly - Cross-Site Request Forgery ======================================================================= Article friendly CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email...

Softbiz Jobs - Cross-Site Request Forgery

Softbiz Jobs - Cross-Site Request Forgery ======================================================================= Softbiz Jobs CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected]...

Softbiz Jobs - Cross-Site Request Forgery

======================================================================= Softbiz Jobs CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul...

Softbiz Jobs CSRF Vulnerability

Exploit for unknown platform in category web applications =============================== Softbiz Jobs CSRF Vulnerability =============================== ======================================================================= Softbiz Jobs CSRF Vulnerability...

WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass

Exploit for unknown platform in category web applications ================================================================================== WordPress 2.0 - 2.7.1 admin.php Module Configuration Security Bypass Vulnerability...

Directory traversal

Multiple directory traversal vulnerabilities in iWiccle 1.01, when magicquotesgpc is disabled, allow remote attackers to read arbitrary files via a .. dot dot in 1 the show parameter to the admin module, reachable through index.php; or 2 the module parameter to index.php...

CVE-2009-3217

SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the memberid parameter in an edituser action to index.php...

CVE-2009-3217

SQL injection vulnerability in the admin module in iWiccle 1.01 allows remote attackers to execute arbitrary SQL commands via the memberid parameter in an edituser action to index.php...

CVE-2009-3217

CVE-2009-3217 describes an SQL injection in the admin module of iWiccle 1.01. The vulnerability occurs in the edit_user action (index.php) via the member_id parameter, due to unsafe SQL handling in the admin code, enabling remote attackers to execute arbitrary SQL commands. The CVSSv2 base score ...

Zen Cart admin/sqlpatch.php模块SQL注入漏洞

BugCVE: CVE-2009-2254 BUGTRAQ: 35468 Zen Cart没有对admin/sqlpatch.php模块强制管理认证，这允许远程攻击者在请求中通过querystring和PATHINFO参数执行SQL注入攻击。 Zen Cart 1.3.8 厂商补丁： Zen Ventures ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.zen-cart.com/forum/showthread.php?t=130161 !/usr/bin/python ------- Zen Cart 1.3.8...

Sql injection

SQL injection vulnerability in MindDezign Photo Gallery 2.2 allows remote attackers to execute arbitrary SQL commands via the username parameter in a login action to the admin module in index.php, a different vector than CVE-2008-6788...

CVE-2008-6789

CVE-2008-6789 : A SQL injection vulnerability affects MindDezign Photo Gallery 2.2. The vulnerability is triggered by the username parameter in the login action to the admin module in index.php, allowing remote attackers to execute arbitrary SQL commands. This is a different vector from CVE-2008-...

CVE-2008-6790

CVE-2008-6790 affects MindDezign Photo Gallery 2.2, where the admin module allows remote attackers to add administrative users and obtain privileges by submitting a modified username parameter in an edit account action to index.php. The NVD entry cites a base score of 5.1 (MEDIUM) with network at...

CVE-2009-1458

Multiple cross-site scripting XSS vulnerabilities in admin/index.php in razorCMS before 0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the slab parameter in an edit action, 2 the catname parameter in a showcats action, and 3 the cat parameter in a reordercat action...

CVE-2008-6596

SQL injection vulnerability in admin/index.php in PHCDownload 1.1 allows remote attackers to execute arbitrary SQL commands via the hash parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Nortel Networks SRG V16 - admin_modules.php?module Traversal Local File Inclusion

Nortel Networks SRG V16 - adminmodules.php?module Traversal Local File Inclusion source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include...