WordPress <= 2.0.11 - XSS

Because of this vulnerability in wp-db-backup.php, the attackers can inject arbitrary web script or HTML via the "backup" parameter in a wp-db-backup.php action to wp-admin/edit.php. Solution Update the WordPress...

phpbg-rfi.txt

phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability D.Script: http://phpbg.sourceforge.net/ POC: /intern/admin/other/backup.php?admin=1&rootdir=Shell /intern/admin/?rootdir=Shell /intern/clan/memberadd.php?rootdir=Shell /intern/config/key2.php?rootdir=Shell...

phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities

No description provided by source. phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability D.Script: http://phpbg.sourceforge.net/ POC: /intern/admin/other/backup.php?admin=1&rootdir=Shell /intern/admin/?rootdir=Shell /intern/clan/memberadd.php?rootdir=Shell /intern/config/key2.php?rootdir=Shell...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in InterWorx Hosting Control Panel InterWorx-CP Webmaster Level SiteWorx 3.0.2 1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php; and allow remote authenticated users to inject arbitrary web script or HT...

CVE-2005-2013

The CVE-2005-2013 entry concerns paFAQ 1.0 Beta 4, a PHP/MySQL web application. The described vulnerability allows remote attackers to access admin/backup.php directly, which contains a backup of the database including usernames and passwords. This exposure could reveal administrator credentials ...