phpAuction 3.2.1 - 'item.php' SQL Injection

phpauction-gpl Version3.2 Version SQL Injection Vulnerability ======================================================== Author: Hussin X = = Home : www.tryag.cc/cc = = email: darkangelg85atYahooDoTcom = hussin.xathotmailDoTcom = = ======================================================== HomE scrip...

CVE-2008-2756

Cross-site scripting XSS vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information...

Cross site scripting

Cross-site scripting XSS vulnerability in admin/users.asp in Xigla Absolute Control Panel XE 1.0 allows remote attackers to inject arbitrary web script or HTML via the name parameter and other unspecified parameters. NOTE: some of these details are obtained from third party information...

roomphplanning15-user.txt

RoomPHPlanning v1.5 remote Arbitrary Add Admin Users Vulnerability + Script download :http://www.beaussier.com/roomphplanning/telecharge.php + Founded by : Stack + Greetz : All friends & muslims HaCkeRs... DESCRIPTION: RoomPHPlanning is vulnerable to add user whit go to link see down in colon Nom...

Minigal 2 critical XSS

Title: Minigal 2 critical XSS Author: Jose Carlos Norte [email protected] Date: 4-3-2008 Severity: high Vendor URL: http://www.minigal.dk/ ------- Introduction Minigal 2a.k.a. MG2 is a picture album written in PHP, it have a simple administration panels, and makes non-ajax browsable albums. -------...

CVE-2008-1129

Cross-site scripting XSS vulnerability in admin/users/self.php in XRMS CRM allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of these details are obtained from third party information...

ProCheckUp Security Advisory 2006.12

PR06-12: XSS on BEA Plumtree Foundation and AquaLogic Interaction portals Description: BEA Plumtree Foundation portal 6.0 and BEA AquaLogic Interaction 6.1 are vulnerable to a XSS vulnerability affecting the 'name' parameter which is submitted to the '/portal/server.pt' server-side script. Date...

Debian: Security Advisory (DSA-1066-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2007-5829

The Disk Mount scanner in Symantec AntiVirus for Macintosh 9.x and 10.x, Norton AntiVirus for Macintosh 10.0 and 10.1, and Norton Internet Security for Macintosh 3.x, uses a directory with weak permissions group writable, which allows local admin users to gain root privileges by replacing...

Cross site scripting

Cross-site scripting XSS vulnerability in admin/adminusers.php in Claroline before 1.8.6 allows remote authenticated administrators to inject arbitrary web script or HTML via the sort parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

Yvora CMS 1.0 (error_view.php ID) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Yvora CMS 1.0 errorview.php ID Remote SQL Injection Vulnerability ==================================================================== Yvora CMS v1.0 - Remote SQL Injecti...

CVE-2007-4390

The Command Line Interface CLI, aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command...

Blog System 1.x - index.php?news_id SQL Injection

Blog System 1.x - index.php?newsid SQL Injection --==+================================================================================+==-- --==+ BlogSite Professional SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHO...

phpVID 0.9.9 (categories_type.php cat) SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ phpVID SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE:...

phpvid-sql.txt

--==+================================================================================+==-- --==+ phpVID SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: http://www.vastal.com/ DORK:...

PHPVID 0.9.9 - categories_type.php SQL Injection

PHPVID 0.9.9 - categoriestype.php SQL Injection --==+================================================================================+==-- --==+ phpVID SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz &...

PHPVID 0.9.9 - 'categories_type.php' SQL Injection

--==+================================================================================+==-- --==+ phpVID SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: http://www.vastal.com/ DORK:...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Supasite 1.23b allow remote attackers to execute arbitrary PHP code via a URL in the supadbpath parameter to 1 commonfunctions.php, 2 adminauthcookies.php, 3 adminmods.php, 4 adminnews.php, 5 admintopics.php, 6 adminusers.php, 7...

CVE-2007-2082

Direct static code injection vulnerability in admin/settings.php in MyBlog 0.9.8 and earlier allows remote authenticated admin users to inject arbitrary PHP code via the content parameter, which can be executed by accessing index.php. NOTE: a separate vulnerability could be leveraged to make this...

CVE-2007-0345

The 1 Activity Monitor.app/Contents/Resources/pmTool, 2 Keychain Access.app/Contents/Resources/kcproxy, and 3 ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions writable by admin group, which allows local admin...