676 matches found
CVE-2006-6590
PHP remote file inclusion vulnerability in usercpmenu.php in AR Memberscript allows remote attackers to execute arbitrary PHP code via a URL in the scriptfolder parameter...
CVE-2006-6590
CVE-2006-6590: PHP remote file inclusion in AR Memberscript, specifically in usercp_menu.php, allows an attacker to supply a URL via the script_folder parameter to execute arbitrary PHP code. The NVD entry lists a CVSS v2 base score of 7.5 (HIGH) with network vector and low attack complexity, no ...
AR Memberscript (usercp_menu.php) Remote File Include Vulnerability
No description provided by source. Author: ex0 armemberscript - remote file include vulnerability all versions There is no vendo patch, and doubt there will be. I havnt been able to get in touch with the vendor for 2 months armemberscript is a script used by many anime sites to manage their...
AR Memberscript (usercp_menu.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications =================================================================== AR Memberscript usercpmenu.php Remote File Include Vulnerability =================================================================== Author: ex0 armemberscript - remote fi...
CVE-2006-2809
Multiple cross-site scripting XSS vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 count parameter, and possibly the 2 next, 3 Yearthenews, and 4 mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333...
CVE-2006-2809
CVE-2006-2809 corresponds to multiple XSS vulnerabilities in ar-blog 5.2, affecting index.php via parameters (count, and possibly next, Year_the_news, mo). Root cause is improper handling/validation of user-supplied input leading to script/HTML injection. Affected component is ar-blog 5.2, index....
CVE-2006-2809
Multiple cross-site scripting XSS vulnerabilities in index.php in ar-blog 5.2 allow remote attackers to inject arbitrary web script or HTML via the 1 count parameter, and possibly the 2 next, 3 Yearthenews, and 4 mo parameters. NOTE: the year and month vectors are already covered by CVE-2006-0333...
Multiple Xss exploits in ar-blog v 5.2
Multiple Xss exploits in ar-blog v 5.2 forum type : ar-blog v 5.2 bug found by : black-code team : site-down type : Xss black-code: http://www.xxx.com/path/index.php?page=gb&count=next='scriptalert10/script http://www.xxx.com/path/index.php?page=gb&count='scriptalert10/script...
AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities
AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/18120/info AR-Blog is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...
AR-Blog 5.2 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/18120/info AR-Blog is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
CVE-2006-1893
Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2006-1893
Cross-site scripting XSS vulnerability in print.php in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2006-1893
CVE-2006-1893 describes a cross-site scripting (XSS) vulnerability in the print.php component of ar-blog 5.2, exploitable via the id parameter to inject arbitrary script/HTML. The vulnerability is documented across multiple sources (NVD, CVE List, PRION, etc.), with the impact described as enabli...
Xss In ar-blog v 5.2
Software: ar-blog Web Site: http://www.ar-blog.com Versions: ar-blog v 5.2 Type: Xss Exploit : http://www.XXX.com/ar-blogv5,2/print.php?id=scriptalert1/script Discovery by : ALMOKANN3 LEZR.COM GreeTz : special greet t0 Dr.Jr7 & Qptan & Mr.SNAKE and to my all frinds !n www.lezr.com/vb...
AR-Blog 5.2 - print.php Cross-Site Scripting
AR-Blog 5.2 - print.php Cross-Site Scripting source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code...
AR-Blog 5.2 - 'print.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/17522/info The ar-blog application is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser of an unsuspecting use...
ar-blogv5.2.txt
Software: ar-blog Web Site: http://www.ar-blog.com Versions: ar-blog v 5.2 Type: Cross Site Scripting Class: Remote Exploit : 1- http://www.target.com/index.php?page=showtopis&month=XSS&year=1426&all=9 2- http://www.target.com/index.php?page=showtopis&month=9&year=XSS&all=9 Example : 1-...
CVE-2006-0333
Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...
Cross site scripting
Cross-site scripting XSS vulnerability in ar-blog 5.2 allows remote attackers to inject arbitrary web script or HTML via the 1 month or 2 year parameter to index.php...