143 matches found
Unfixed XSS vulnerability at www.e-personal.ru
Security researcher THEMILLER, has submitted on 22/06/2008 a cross-site-scripting XSS vulnerability affecting www.e-personal.ru, which at the time of submission ranked 381038 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/11/2008. It is...
CVE-2007-6134
SQL injection vulnerability in pkinc/public/article.php in PHPKIT 1.6.4pl1 allows remote attackers to execute arbitrary SQL commands via the contentid parameter in an article action to include.php, a different vector than CVE-2006-1773...
PHPKIT 1.6.4pl1 - article.php SQL Injection
PHPKIT 1.6.4pl1 - article.php SQL Injection !/usr/bin/perl Vulnerability found & exploit written by $h4d0wl33t shadowleet Contact: [email protected] Phpkit 1.6.4pl1 Non Public Exploit by $hadowleet, Description: Vulnerability in file pkinc/public/article.php On line 71:...
PHPKIT 1.6.4pl1 - 'article.php' SQL Injection
!/usr/bin/perl Vulnerability found & exploit written by $h4d0wl33t shadowleet Contact: [email protected] Phpkit 1.6.4pl1 Non Public Exploit by $hadowleet, Description: Vulnerability in file pkinc/public/article.php On line 71: $contentid=!$contentid && isset$REQUEST'contentid' &&...
PHPKIT 1.6.4pl1 article.php Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ======================================================== PHPKIT 1.6.4pl1 article.php Remote SQL Injection Exploit ======================================================== !/usr/bin/perl Vulnerability found & exploit written by $h4d0wl33t...
Cross site scripting
Cross-site scripting XSS vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php...
phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit
No description provided by source. !-- phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit Vulnerable Variable: itemid Vulnerable File: modules/news/article.php Vulnerable: phpMySpace Gold v8.10 other versions should also be vulnerable Google d0rk: "Powered by phpMySpace Gold 8.10" John...
CVE-2007-1965
Multiple cross-site scripting XSS vulnerabilities in eXV2 CMS 2.0.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the setlang parameter to 1 archive.php, 2 article.php, 3 index.php, or 4 topics.php...
Newsscript <= 0.5 Remote and Local File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================= Newsscript 2 3 27 include$filename; The second flaw is due to an input validation error in the "article.php" script that does not validate the "ide" parameter, which could be...
ACGV News <= v0.9.1 (PathNews) Remote File Inclusion Exploit
============================================================================================== ACGV News = v0.9.1 PathNews Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
ACGV News 0.9.1 - 'article.php' Remote File Inclusion
============================================================================================== ACGV News = v0.9.1 PathNews Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
ACGV News 0.9.1 - article.php Remote File Inclusion
ACGV News 0.9.1 - article.php Remote File Inclusion ============================================================================================== ACGV News = v0.9.1 PathNews Remote File Inclusion Exploit...
ACGV News <= 0.9.1 (PathNews) Remote File Inclusion Vulnerability
No description provided by source. ============================================================================================== ACGV News = v0.9.1 PathNews Remote File Inclusion Exploit =============================================================================================== Critical Leve...
Sql injection
Multiple SQL injection vulnerabilities in phpWebsite 0.83 and earlier allow remote attackers to execute arbitrary SQL commands via the sid parameter to 1 friend.php or 2 article.php...
phpWebsite <= SQL Injection (friend.php) & (article.php)
+phpWebsite +DaBDouB-MoSiKaR Moroccan Security Team +creetz to: Moroccan security TeamDr.E-vil,Dr.Erase,H0550N,ToM-le-Magicianfrance , ameeregypt, Esp!onLeRaVaGe, CiM TeaM, xMs3D0,|ucifer,B6,al-houda membersnabil,sn!per,Kasparovand all hackers musilm morocco and www.lezr.com +special 10x to: safa...
CVE-2005-4479
SQL injection vulnerability in article.php in phpSlash 0.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the storyid parameter...
CVE-2005-4479
CVE-2005-4479 describes a SQL injection vulnerability in the PHP-based CMS/phpSlash, affecting version 0.8.1 and earlier. The vulnerability exists in article.php where the story_id parameter can be manipulated to cause arbitrary SQL commands to be executed by a remote attacker. The consequence is...
Lore SQL inj. vuln.
Lore SQL inj. vuln. Vuln. dicovered by : r0t Date: 1 dec. 2005 Orginal advisory:http://pridels.blogspot.com/2005/12/lore-sql-inj-vuln.html Vendor:http://www.pineappletechnologies.com/products/lore/ affected version: Tested on 1.5.4 Product Description: Lore is a professional knowledge base...
Lore 1.5.41.5.6 - article.php SQL Injection
Lore 1.5.41.5.6 - article.php SQL Injection source: https://www.securityfocus.com/bid/15665/info Lore is prone to an SQL injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise th...
PostNuke News Module article.php sid Parameter XSS
The remote host is running a version of PostNuke which contains the 'News' module which itself is vulnerable to a cross-site scripting issue. An attacker may use these flaws to steal the cookies of the legitimate users of this website. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...