CORELAN-10-035 NolaPro Enterprise multiple vulnerabilities

Advisory : CORELAN-10-035 Disclosure date : May 1st, 2010 http://www.corelan.be:8800/advisories.php?id=CORELAN-10-035 00 : Vulnerability information Product : NolaPro Enterprise Version : 4.0.5538 Vendor : Noguska LLC URL : http://www.nolapro.com Platform : Windows PHP/MySQL Type of vulnerabiliti...

GaliX 2.0 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/24066/info GaliX is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other...

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities Vulnerable: NuclearBB Alpha 1 Google d0rk: "This forum is powered by NuclearBB" ============= String Inputs ============= ---------------------------- login.php - $POST'submit' ---------------------------- username=xyz...

nuclearbb-sql.txt

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities Vulnerable: NuclearBB Alpha 1 Google d0rk: "This forum is powered by NuclearBB" ============= String Inputs ============= ---------------------------- login.php - $POST'submit' ---------------------------- username=xyz...

galix.txt

GaliX² v2.0 - Cross-Site Scripting Exploit GaliX² v2.0 - Cross-Site Scripting Exploitdiscovered by John MartinelliGoogle d0rk: "GaliX² v2.0" alert1;"...