PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities

PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities source: https://www.securityfocus.com/bid/28521/info PHP Classifieds is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issu...

CVE-2007-4862

Cross-site scripting XSS vulnerability in admin/menu.php in SAXON 5.4 allows remote attackers to inject arbitrary web script or HTML via the confignewsurl parameter...

duyuru-sql.txt

Fıstıq Duyuru Scripti Remote Sql İnjection File : goster.asp Sql : -1%20union+all+select+0,kullaniciadi,sifre,3+from+admin Admin Name + Admin Pass Admin Menu: yoneticiii/default.asp Thanks : Ajann , Xoron , ApAci , ErNE , Uyuss , Eno7 , Thehacker , Enjexion .pl Exploit Code : !/usr/bin/perl Scrip...

X_holes

Products : xstat v2.3 and less xnews v1.1 Website : http://www.xqus.com/ problems : xstat : - Recovery of numerous data about the computer phpinfo . - Cross Site Scripting - Path disclosure xnews : - Access to the admin menu More details in french : http://www.ifrance.com/kitetoua/tuto/xholes.txt...