antiwar.com XSS vulnerability

Vulnerable URL: http://www.antiwar.com///archives.php?author=" Details: Description| Value ---|--- Patched:| No Latest check for patch:| 19.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 64654 VIP website status:| No Check antiwar.com SSL connection:| Grade...

Chronosite 5.12 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Chronosite 5.12 SQL Injection Google Dork: filetype:php inurl:"/archives.php" intext:"ARCHIVES Chrono-site" Date: 13/05/15 Exploit Author: Wad Deek Vendor Homepage: http://www.chronosite.org/ Software Link:...

Chronosite 5.12 - SQL Injection

Chronosite 5.12 - SQL Injection Exploit Title: Chronosite 5.12 SQL Injection Google Dork: filetype:php inurl:"/archives.php" intext:"ARCHIVES Chrono-site" Date: 13/05/15 Exploit Author: Wad Deek Vendor Homepage: http://www.chronosite.org/ Software Link:...

Chronosite 5.12 - SQL Injection

Exploit Title: Chronosite 5.12 SQL Injection Google Dork: filetype:php inurl:"/archives.php" intext:"ARCHIVES Chrono-site" Date: 13/05/15 Exploit Author: Wad Deek Vendor Homepage: http://www.chronosite.org/ Software Link: http://www.chronosite.org/chronoupload/chronosite512.zip Version: 5.12 Test...

CVE-2008-1295

CVE-2008-1295 impacts phpMyNewsletter 0.8 beta 5 and earlier, where archives.php is vulnerable to SQL injection via the msg_id parameter. This allows remote attackers to potentially execute arbitrary SQL commands. The connected documents confirm the vulnerability description and existence of expl...

CVE-2008-1295

SQL injection vulnerability in archives.php in Gregory Kokanosky aka Greg's Place phpMyNewsletter 0.8 beta 5 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter...

CVE-2007-3179

Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors...

Sql injection

Multiple SQL injection vulnerabilities in archives.php in Particle Blogger 1.2.1 and earlier allow remote attackers to execute arbitrary SQL commands via the month parameter and other unspecified vectors...

Particle Blogger Archives.PHP SQL注入漏洞

Particle Blogger是一款基于PHP的WEB应用程序。 Particle Blogger不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Archives.PHP'脚本对用户提交的'month'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 Particle Soft Particle Blogger 1.2.1 Particle Soft Particle Blogger 1.2 Particle Soft Particle Blogger 1.1.2 Particle Soft Particl...

Directory traversal

Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the themeurl parameter to 1 index.php, 2 page.php, 3 search.php, 4 single.php, and 5 archives.php...

CVE-2007-2104

CVE-2007-2104 affects iXon CMS 0.30. The vulnerability is a directory traversal in the theme_url parameter that allows remote attackers to include and execute arbitrary local files via a .. traversal in (1) index.php, (2) page.php, (3) search.php, (4) single.php, and (5) archives.php. Impact is d...

CVE-2007-2104

Multiple directory traversal vulnerabilities in iXon CMS 0.30 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the themeurl parameter to 1 index.php, 2 page.php, 3 search.php, 4 single.php, and 5 archives.php...

Particle Blogger 1.2.1 - Archives.php SQL Injection

Particle Blogger 1.2.1 - Archives.php SQL Injection source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

CVE-2007-1040

Xpression News (X-News) 1.0.1 is affected by a directory traversal in archives.php. The xnews-template parameter accepts a .. path traversal, enabling remote attackers to include arbitrary files or view sensitive information. The vulnerability is confirmed in CVE-2007-1040 and is documented with...

Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit

No description provided by source. r0ut3r Presents... Another r0ut3r discovery! writ3r at gmail.com XNews Remote File Disclosure Exploit Software: Xnews 1.0.1 Vendor: http://xpression.hogsmeade-village.com/ Released: 2007/01/28 Discovered & Exploit By: r0ut3r writ3...