12 matches found
CVE-2004-2725
Multiple cross-site scripting XSS vulnerabilities in Aztek Forum 4.0 allow remote attackers to inject arbitrary web script or HTML via 1 the search parameter in a search.php, 2 the email parameter in b subscribe.php, and 3 the return and 4 title parameters in c forum2.php...
CVE-2004-2725
CVE-2004-2725 affects Aztek Forum 4.0, with XSS vulnerabilities in multiple entry points: search.php (search parameter), subscribe.php (email parameter), and forum_2.php (return and title parameters). The underlying issue is improper handling/sanitization of user-supplied input, allowing remote a...
Aztek Forum 4.0 Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications ================================================ Aztek Forum 4.0 Multiple Vulnerabilities Exploit ================================================ !/usr/bin/php Aztek Forum 4.1 Multiple Vulnerabilities Exploit header...
Aztek Forum 4.0 - myadmin.php User Privilege Escalation
Aztek Forum 4.0 - myadmin.php User Privilege Escalation !/usr/bin/perl use IO::Socket; Aztek Forum 4.00 Change User Rights Remote Exploit only if the magicquote are : OFF aztekgar.pl 127.0.0.1 /aztek/ Admin Attacker +------------------------------------------------------------+ - Aztek 4.0 Give...
Aztek Forum 4.0 - 'myadmin.php' User Privilege Escalation
!/usr/bin/perl use IO::Socket; Aztek Forum 4.00 Change User Rights Remote Exploit only if the magicquote are : OFF aztekgar.pl 127.0.0.1 /aztek/ Admin Attacker +------------------------------------------------------------+ - Aztek 4.0 Give Admin rights to a normal user - - - - coded by Sparah -...
CVE-2006-1110
Cross-site scripting XSS vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message...
Design/Logic Flaw
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...
CVE-2006-1112
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...
Cross site scripting
Cross-site scripting XSS vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message...
CVE-2006-1112
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...
CVE-2006-1110
CVE-2006-1110 affects Aztek Forum 4.0 with a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary script or HTML via the message body when creating a new message. The CVSS-derived impact indicates partial integrity loss and no confidentiality/availability impact, with ...
CVE-2006-1110
Cross-site scripting XSS vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message...