CVE-2014-6389

backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the d parameter...

CVE-2014-6389

backup.php in PHPCompta/NOALYSS before 6.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the d parameter...

Sql injection

Multiple SQL injection vulnerabilities in Postfix Admin aka postfixadmin before 2.3.5 allow remote authenticated users to execute arbitrary SQL commands via 1 the pw parameter to the pacrypt function, when mysqlencrypt is configured, or 2 unspecified vectors that are used in backup files generate...

SOS Webpages 1.1.1 /backup.php 备份文件发现漏洞

No description provided by source...

CVE-2011-5264

The CVE-2011-5264 entry maps to a documented XSS in the WordPress Lazyest Backup plugin, specifically in lazyest-backup.php vulnerable via the xml_or_all parameter. Affected version is prior to 0.2.2. Exploitation would allow remote attackers to inject arbitrary script/HTML in the context of the ...

xt:Commerce 3.04 SP2.1 Blind SQL Injection

+---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann Mail...............: infoATstoffline.com Vendor Homepage....:...

xt:Commerce 3.04 SP2.1 - Blind SQL Injection

+---------------------------------+ | xt:Commerce = v3.04 SP2.1 | | commerce:SEO = v2.1 CE | | Gambio = v2.0.10 SP1.4 | | Time Based Blind SQL Injection | +---------------------------------+ Author.............: Ralf Zimmermann Mail...............: infoATstoffline.com Vendor Homepage....:...

gComm - Simple Guestbook 0.1 <= Database Backup Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: gComm - Simple Guestbook 0.1 = Database Backup Disclosure Vulnerability Date: 18/7/2012 Author: GoLdM Vendor or Software Link: http://sourceforge.net/projects/gcomm-sg/ Version: 0.1 Category:: Database Backup Disclosure...

postfixadmin -- Multiple Vulnerabilities

The Postfix Admin Team reports: Multiple XSS vulnerabilities exist: - XSS with $GETdomain in templates/menu.php and edit-vacation - XSS in some create-domain input fields - XSS in create-alias and edit-alias error message - XSS by values stored in the database in fetchmail list view, list-domain...

CVE-2008-7156

EkinBoard 1.1.0 and earlier, when registerglobals is enabled, allows remote attackers to bypass authorization and gain administrator privileges by setting the groups parameter to 2, as demonstrated via backup.php...

CVE-2008-7156

CVE-2008-7156 affects EkinBoard 1.1.0 and earlier. The vulnerability arises when register_globals is enabled and allows remote attackers to bypass authorization and gain administrator privileges by setting the _groups[] parameter to 2, demonstrated via backup.php. The NVD entry assigns a base sco...

Directory traversal

Multiple directory traversal vulnerabilities in Jonascms 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the taal parameter to 1 backup.php and 2 gbvoegtoe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...

CVE-2008-5207

Multiple directory traversal vulnerabilities in Jonascms 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the taal parameter to 1 backup.php and 2 gbvoegtoe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...

CVE-2008-5207

Multiple directory traversal vulnerabilities in Jonascms 1.2 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the taal parameter to 1 backup.php and 2 gbvoegtoe.php. NOTE: the provenance of this information is unknown; the details are obtained solely from...

2532/Gigs 1.2.2 - Arbitrary Database Backup/Download

--==+================================================================================+==-- --==+ 2532|Gigs = 1.2.2 Arbitrary Remote Database Backup/Download +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 18...

CVE-2008-0193

Cross-site scripting XSS vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php...

CVE-2008-0193

Cross-site scripting XSS vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php...

CVE-2008-0193

Cross-site scripting XSS vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php...

CVE-2008-0193

CVE-2008-0193 describes a cross-site scripting (XSS) vulnerability in WordPress versions 2.0.11 and earlier, with possible reach into 2.1.x through 2.3.x. The issue arises in the file wp-db-backup.php where an attacker can inject arbitrary web script or HTML via the backup parameter when issuing ...

CVE-2008-0193

Cross-site scripting XSS vulnerability in wp-db-backup.php in WordPress 2.0.11 and earlier, and possibly 2.1.x through 2.3.x, allows remote attackers to inject arbitrary web script or HTML via the backup parameter in a wp-db-backup.php action to wp-admin/edit.php...