CVE-2007-10002

A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/loginpassword/LANG leads to sql injection. The attack may be launched remotely. The name of the...

CVE-2015-10129

A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth leads to incorrect comparison. The attack may be launched remotely. The complexity ...

CVE-2015-10129 planet-freo auth.inc.php comparison

A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth leads to incorrect comparison. The attack may be launched remotely. The complexity ...

CVE-2015-10129 planet-freo auth.inc.php comparison

A vulnerability was found in planet-freo up to 20150116 and classified as problematic. Affected by this issue is some unknown functionality of the file admin/inc/auth.inc.php. The manipulation of the argument auth leads to incorrect comparison. The attack may be launched remotely. The complexity ...

CVE-2015-10129

CVE-2015-10129 affects planet-freo up to 20150116. A vulnerability exists in admin/inc/auth.inc.php where manipulation of the auth argument leads to an incorrect comparison. The attack could be launched remotely; exploit has been disclosed to the public. The patch is identified as 6ad38c58a45642e...

CVE-2007-10002 web-cyradm auth.inc.php sql injection

A vulnerability, which was classified as critical, has been found in web-cyradm. Affected by this issue is some unknown functionality of the file auth.inc.php. The manipulation of the argument login/loginpassword/LANG leads to sql injection. The attack may be launched remotely. The name of the...

WordPress WPtouch Plugin <= 1.9.20 - XSS

Because of this vulnerability in lib/includes/auth.inc.php, the attackers can inject arbitrary web script or HTML via the "wptouchsettings" parameter to include/adsense-new.php. Solution Update the plugin...

CompactCMS 1.4.1 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: CompactCMS 1.4.1 Multiple Vulnerabilities Google Dork: intext:"Maintained with CompactCMS.nl" intitle:"Print: " Date: 17-12-2010 Author: NLSecurity Software Link: http://files.compactcms.nl/stable/ Version: CompactCMS 1.4.1...

CompactCMS 1.4.1 - Multiple Vulnerabilities

CompactCMS 1.4.1 - Multiple Vulnerabilities Exploit Title: CompactCMS 1.4.1 Multiple Vulnerabilities Google Dork: intext:"Maintained with CompactCMS.nl" intitle:"Print: " Date: 17-12-2010 Author: NLSecurity Software Link: http://files.compactcms.nl/stable/ Version: CompactCMS 1.4.1 Credits:...

CompactCMS 1.4.1 Cross Site Scripting / File Disclosure

Exploit Title: CompactCMS 1.4.1 Multiple Vulnerabilities Google Dork: intext:"Maintained with CompactCMS.nl" intitle:"Print: " Date: 17-12-2010 Author: NLSecurity Software Link: http://files.compactcms.nl/stable/ Version: CompactCMS 1.4.1 Credits: http://www.nlsecurity.org/ Extra: irc.6667.eu mai...

jbcexplorer-exec.txt

!/usr/bin/php agent'Mozilla Firefox'; $xpl-allowredirection1; $xpl-cookiejar1; if$prx $xpl-proxy$prx; if$pra $xpl-proxyauth$pra; print "0x01Deleting the file auth.inc.php"; $xpl-post$url.'dirsys/modules/auth.php', 'suppr=1'; print "\n0x02Creating the file auth.inc.php";...

CVE-2002-2252

The CVE-2002-2252 entry affects Thatware versions up to and including 0.5.0, with the vulnerability located in auth.inc.php. The root cause is a SQL injection flaw that allows remote attackers to execute arbitrary SQL commands via a base64-encoded user parameter. Impact is remote data manipulatio...

CVE-2006-2700

SQL injection vulnerability in admin/auth.inc.php in Geeklog 1.4.0sr2 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the loginname parameter...

CVE-2004-2038

Cross-site scripting XSS vulnerability in Land Down Under LDU before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in 1 functions.php, 2 header.php or 3 auth.inc.php...

CVE-2004-2038

CVE-2004-2038 concerns a cross-site scripting (XSS) vulnerability in Land Down Under (LDU) prior to version 700. The issue allows remote attackers to inject arbitrary web script or HTML via a BBCode img tag in one of three PHP files: functions.php , header.php , or auth.inc.php . The provided doc...

CVE-2004-2038

Cross-site scripting XSS vulnerability in Land Down Under LDU before LDU 700 allows remote attackers to inject arbitrary web script or HTML via a BBcode img tag in 1 functions.php, 2 header.php or 3 auth.inc.php...

myPHPNuke 1.8.8 - auth.inc.php SQL Injection

myPHPNuke 1.8.8 - auth.inc.php SQL Injection source: https://www.securityfocus.com/bid/8663/info It has been reported that myPHPNuke is prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The issue may exist in the...

myPHPNuke 1.8.8 - &#039;auth.inc.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/8663/info It has been reported that myPHPNuke is prone to a SQL injection vulnerability that may allow a remote attacker to inject malicious SQL syntax into database queries. The issue may exist in the auth.in.php module of the software. The cause of this...

Thatware &#40;PHP&#41;

Informations : °°°°°°°°°°°°°° Versions : ? - 0.3 - 0.5.3 Website : http://www.thatware.org Problems : - Include file - SQL Injection PHP Code/Location : °°°°°°°°°°°°°°°°°°° artlist.php v0.5.2, 0.5.3 : ------------------------------------- include $rootpath.'thatfile.php';...