Lucene search
K

320 matches found

0day.today
0day.today
added 2008/04/06 12:0 a.m.25 views

Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability

Exploit for unknown platform in category web applications =============================================================== Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability ===============================================================...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/04/05 12:0 a.m.25 views

Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ Gaming Directory 1.0 catid Remote SQL Injection Vulnerability ================================================================...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/02/09 12:0 a.m.30 views

PowerNews (Newsscript) 2.5.6 Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-014 Application: PowerNews Newsscript Versions Affected: 2.5.6 Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution:...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/12/19 12:0 a.m.15 views

MySpace Content Zone 3.x Remote File Upload Vulnerability

No description provided by source. ---------------------------------------------------- +-MySpace Content Zone RFi-+ ---------------------------------------------------- Found By Don & breakerunit ---------------------------------------------------- Vuln file: /admin/uploadgames.php Fix: secure...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/12/18 12:0 a.m.22 views

MySpace Content Zone 3.x - Arbitrary File Upload

MySpace Content Zone 3.x - Arbitrary File Upload ---------------------------------------------------- +-MySpace Content Zone RFi-+ ---------------------------------------------------- Found By Don & breakerunit ---------------------------------------------------- Vuln file: /admin/uploadgames.php...

0.4AI score
Exploits0
0day.today
0day.today
added 2007/12/18 12:0 a.m.41 views

MySpace Content Zone 3.x Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ========================================================= MySpace Content Zone 3.x Remote File Upload Vulnerability ========================================================= ---------------------------------------------------- +-MySpace...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/18 12:0 a.m.36 views

MySpace Content Zone 3.x - Arbitrary File Upload

---------------------------------------------------- +-MySpace Content Zone RFi-+ ---------------------------------------------------- Found By Don & breakerunit ---------------------------------------------------- Vuln file: /admin/uploadgames.php Fix: secure admin area Dork: "Powered by MySpace...

7AI score
Exploits0
0day.today
0day.today
added 2007/11/13 12:0 a.m.33 views

Myspace Clone Script Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ======================================================= Myspace Clone Script Remote SQL Injection Vulnerability =======================================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/11/13 12:0 a.m.20 views

Myspace Clone Script - SQL Injection

Myspace Clone Script - SQL Injection --==+================================================================================+==-- --==+ Myspace Clone Script SQL Injection Vulnerabilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/13 12:0 a.m.38 views

Myspace Clone Script - SQL Injection

--==+================================================================================+==-- --==+ Myspace Clone Script SQL Injection Vulnerabilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: datecomm.com DORK...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/09/14 12:0 a.m.34 views

JBlog 1.0 (index.php id) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ===================================================== JBlog 1.0 index.php id Remote SQL Injection Exploit ===================================================== Script....................................: JBlog ver 1.0 Script...

7.1AI score
Exploits0
NVD
NVD
added 2007/08/18 9:17 p.m.10 views

CVE-2007-4419

Admin.php in Olate Download od 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area...

9.3CVSS6.9AI score0.04831EPSS
Exploits1References11
Prion
Prion
added 2007/08/18 9:17 p.m.12 views

Authentication flaw

Admin.php in Olate Download od 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area...

9.3CVSS7.4AI score0.04831EPSS
Exploits1References11Affected Software1
CVE
CVE
added 2007/08/18 9:0 p.m.52 views

CVE-2007-4419

CVE-2007-4419 affects Olate Download (od) 3.4.1. Admin.php uses an OD3_AutoLogin cookie created from an MD5 hash of the admin username, user id, and group id, which can be guessed, enabling remote attackers to access the Admin area. In the provided sources, the vulnerability details are limited t...

9.3CVSS6.9AI score0.04831EPSS
Exploits1References11Affected Software1
Exploit DB
Exploit DB
added 2007/07/12 12:0 a.m.18 views

Inmostore 4.0 - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/24884/info Inmostore is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2006/06/01 12:0 a.m.44 views

Techno Dreams GuestBook Remote XSS Exploit

------------------------------------------------------------------ - Techno Dreams GuestBook Remote XSS Exploit - -= http://colander.altervista.org/advisory/TDGuestBook.txt =- ------------------------------------------------------------------ -= Techno Dreams GuestBook Latetest Version =-...

Exploits0
securityvulns
securityvulns
added 2004/06/10 12:0 a.m.24 views

ADVISORY: ASPDOTNETSTOREFRONT Improper Upload Validation

ASPDOTNETSTOREFRONT Improper Upload Validation Release Date: June 9, 2004 Severity: HIGH Vendor: AspDotNetStorefront.com A Division of Discovery Productions, Inc. Software: Tested on AspDotNetStorefront 3.3 Previous versions may also be affected. Remote: Remotely executed from any web browser...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/01/08 12:0 a.m.32 views

DCP-Portal (PHP)

Informations : °°°°°°°°°°°°°° Version : 5.0.1 Website : http://www.dcp-portal.org Problems : - Include file - Access to users' accounts - Access to the administration PHP Code/ Location : °°°°°°°°°°°°°°°°°°°° The first & second hole will work if registerglobals is ON. /library/editor/editor.php :...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2002/03/12 12:0 a.m.35 views

CaupoShop: cross-site-scripting bug

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ppp-design found the following cross-site-scripting bug in CaupoShop and probably in CaupoShopPro: Details - ------- Product: CaupoShop and probably CaupoShopPro Version: 1.30a CaupoShop and maybe all versions before OS affected: all OS with php and...

6.7AI score
Exploits0
securityvulns
securityvulns
added 2001/03/26 12:0 a.m.33 views

Akopia Interchange E-commerce Package Demo Files Vulnerability

A serious security vulnerability has been found in the default installation of the Interchange demo stores 'barry', 'basic', and 'construct' distributed in Interchange versions 4.5.3 through 4.6.3. Using a group login that had no password set by default, it is possible to log in to the back-end...

0.2AI score
Exploits0
Rows per page
Query Builder