
1733 matches found

exploitpack
added 2010/06/21 12:0 a.m., 15 views

G.CMS Generator - SQL Injection

G.CMS Generator - SQL Injection. I'm Sid3^effects member from Inj3ct0r Team. Name : Gcms generator SQLi Vulnerability Date : june, 21 2010 Critical Level : HIGH Vendor Url : http://www.laubrotel.com/gcms/demo/ Auth...

AI score 0.1
Exploits: 0
RedHat Linux
added 2010/06/17 10:10 p.m., 2 views

cups: web interface memory disclosure

The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, does not properly handle parameter values containing a % (percent) character without two subsequent hex characters, which...

CVSS 4.3, AI score 7.2, EPSS 0.12394
Exploits: 1, References: 4
ATTACKERKB
added 2010/05/19 10:30 p.m., 3 views

CVE-2010-1985

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVSS 4.3, AI score 5.4, EPSS 0.00516
Exploits: 0, References: 7
Packet Storm
added 2010/02/20 12:0 a.m., 22 views

Litespeed Web Server 4.0.12 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: Litespeed Web Server - Add Admin CSRF and XSS Vulnerabilities Date: 2010-02-04 Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web...

AI score 7.4
Exploits: 0
Exploit DB
added 2010/02/19 12:0 a.m., 40 views

Litespeed Web Server 4.0.12 - Cross-Site Request Forgery (Add Admin) / Cross-Site Scripting

Author: d1dn0t didnotatmedotcom Software Link: http://www.litespeedtech.com/litespeed-web-server-downloads.html Version: 4.0.12 Greetz: Muts/Ryujin/KernelSaunders 0x00 Product Description LiteSpeed Web Server is the leading high-performance, high-scalability web server. It is completely Apache...

AI score 7.4
Exploits: 0
exploitpack
added 2010/01/01 12:0 a.m., 19 views

WD-CMS 3.0 - Multiple Vulnerabilities

WD-CMS 3.0 - Multiple Vulnerabilities Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link: http://www.webdiamond.net/cms.html Version: 3.0 Tested on: Windows Vista and Linux Backtrack 3...

AI score 0.5
Exploits: 0
0day.today
added 2010/01/01 12:0 a.m., 26 views

WD-CMS 3.0 Multiple Vulnerabilities

Exploit for unknown platform in category web applications. WD-CMS 3.0 Multiple Vulnerabilities. Exploit Title: WD-CMS 3.0 Multiple Vulnerabilities Date: December 31st, 2009 Author: Sora Software Link:...

AI score 7.1
Exploits: 0
NVD
added 2009/12/23 6:30 p.m., 18 views

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVSS 7.5, AI score 6.9, EPSS 0.00519
Exploits: 0, References: 3
UbuntuCve
added 2009/12/23 6:30 p.m., 19 views

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVSS 7.5, AI score 5.9, EPSS 0.00519
Exploits: 0, References: 1
CVE
added 2009/12/23 6:0 p.m., 59 views

CVE-2009-4402

CVE-2009-4402 affects SQL-Ledger 2.8.24, where default configuration allows remote attackers to perform unspecified administrative operations by supplying an arbitrary password to the admin interface. This is supported by multiple sources in the connected set (NVD/NASL/OpenVAS), all describing th...

CVSS 7.5, AI score 6.8, EPSS 0.00519
Exploits: 0, References: 3, Affected Software: 1
Cvelist
added 2009/12/23 6:0 p.m., 20 views

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

AI score 6.9, EPSS 0.00519
Exploits: 0, References: 3
Debian CVE
added 2009/12/23 6:0 p.m., 23 views

CVE-2009-4402

The default configuration of SQL-Ledger 2.8.24 allows remote attackers to perform unspecified administrative operations by providing an arbitrary password to the admin interface...

CVSS 7.5, AI score 7.3, EPSS 0.00519
Exploits: 0
OpenVAS
added 2009/12/10 12:0 a.m., 32 views

Sun Solaris AnswerBook2 Multiple Cross-Site Scripting Vulnerabilities

Sun Solaris AnswerBook2 is reported prone to multiple cross-site scripting vulnerabilities. These issues arise due to insufficient sanitization of user-supplied data facilitating execution of arbitrary HTML and script code in a user's browser. The following specific issues were identified: It is...

CVSS 4.3, AI score 6.1, EPSS 0.00442
Exploits: 4, References: 5
securityvulns
added 2009/10/22 12:0 a.m., 31 views

Websense Email Security multiple security vulnerabilities

Cross-site scripting and DoS in Web administration interface...

AI score 1.5
Exploits: 0, References: 2, Affected Software: 2
myhack58
added 2009/10/10 12:0 a.m., 13 views

Big Banyan network article management system of 0day-vulnerability warning-the black bar safety net

Big Banyan network article management system Ver 3.0 Build 0 9 0 6 0 2 user registry filter is not strict can be inserted into a word Use: Google for: inurl:ArtClaShow. asp? cid search inurl:ArtClaShow. asp? cid for about1,170 query results, the following is the1-1 0 article Open the page, find t...

AI score 0.3
Exploits: 0
UbuntuCve
added 2009/08/18 9:0 p.m., 18 views

CVE-2009-2851

Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

CVSS 4.3, AI score 6, EPSS 0.02987
Exploits: 0, References: 1
OSV
added 2009/08/18 9:0 p.m., 1 views

DEBIAN-CVE-2009-2851

Cross-site scripting (XSS) vulnerability in the administrator interface in WordPress before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via a comment author URL...

CVSS 4.3, AI score 6, EPSS 0.02987
Exploits: 0, References: 1
CVE
added 2009/08/18 8:41 p.m., 69 views

CVE-2009-2851

CVE-2009-2851 is a cross-site scripting vulnerability in WordPress’s administrator interface that allows injection of arbitrary script/HTML via the comment author URL, reported for WordPress versions before 2.8.2. Connected documents corroborate WordPress vulnerabilities around 2009 and cite Debi...

CVSS 4.3, AI score 5.4, EPSS 0.02987
Exploits: 0, References: 8, Affected Software: 1
Prion
added 2009/07/09 4:30 p.m., 22 views

Sql injection

SQL injection vulnerability in admin/index.php in Opial 1.0 allows remote attackers to execute arbitrary SQL commands via the txtPassword parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVSS 6.8, AI score 8.8, EPSS 0.00249
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2009/06/26 6:30 p.m., 13 views

CVE-2009-2233

The admin interface in AWScripts.com Gallery Search Engine 1.5 allows remote attackers to bypass authentication and gain administrative access by setting the awselogged cookie to 1...

CVSS 7.5, AI score 7.1, EPSS 0.01204
Exploits: 0, References: 4