4192 matches found
Basic-CMS - q Cross-Site Scripting
Basic-CMS - q Cross-Site Scripting source: https://www.securityfocus.com/bid/32531/info Basic CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...
basiccms-xss.txt
--------------------------------------------------------- Portal Name: Basic Cms Vendor : http://basic-cms.de Author : PouyaServer , [email protected] Vulnerability : XSS --------------------------------------------------------- XSS: http://site.com/pages/index.php?q=alert1369...
Basic-CMS - 'q' Cross-Site Scripting
source: https://www.securityfocus.com/bid/32531/info Basic CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context ...
Basic-CMS - Remote Database Disclosure
Basic-CMS - Remote Database Disclosure --------------------------------------------------------- Portal Name: Basic-cms ASP D0wn : http://www.basic-cms.com/download-basiccms.zip Author : Mountassif Moad Evil Finger / v4 Team Vulnerability : Database Disclosure Vulnerability...
BaSiC-CMS (acm2000.mdb) Remote Database Disclosure Vulnerability
Exploit for unknown platform in category web applications ================================================================ BaSiC-CMS acm2000.mdb Remote Database Disclosure Vulnerability ================================================================...
Basic-CMS - Remote Database Disclosure
--------------------------------------------------------- Portal Name: Basic-cms ASP D0wn : http://www.basic-cms.com/download-basiccms.zip Author : Mountassif Moad Evil Finger / v4 Team Vulnerability : Database Disclosure Vulnerability ---------------------------------------------------------...
BaSiC-CMS index.php r Remote SQL Injection Vulnerability
BaSiC-CMS index.php r Remote SQL Injection Vulnerability. CVE-2008-2789. Webapps exploit for php platform Viva IslaM Viva IslaM Remote SQL Injection Vulnerability BaSiC-CMS index.php r AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : BaSiC-CMS site :...
BaSiC-CMS (index.php r) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================== BaSiC-CMS index.php r Remote SQL Injection Vulnerability ========================================================== Remote SQL Injection Vulnerability BaSiC-CMS index.php r AuTh0r ...
Sql injection
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...
CVE-2008-2429
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...
CVE-2008-2429
Summary of CVE-2008-2429 (Calendarix Basic): Two SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 affect the catsearch and catview parameters (cal_search.php and cal_cat.php). The vulnerabilities arise because user input is not properly sanitized before being used in SQL queries, en...
CVE-2008-2429
Multiple SQL injection vulnerabilities in Calendarix Basic 0.8.20071118 allow remote attackers to execute arbitrary SQL commands via (1) the catsearch parameter to cal_search.php or (2) the catview parameter to cal_cat.php. NOTE: vector 1 might overlap CVE-2007-3183.3, and vector 2 might overlap...
Web Server Uses Basic Authentication Without HTTPS
The remote web server contains web pages that are protected by 'Basic' authentication over cleartext. An attacker eavesdropping the traffic might obtain logins and passwords of valid users. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(34850); script_version("$Revision...
Microsoft Visual Basic ActiveX Controls Remote Code Execution (MS08-070; CVE-2008-3704; CVE-2008-4252; CVE-2008-4253; CVE-2008-4254; CVE-2008-4255; CVE-2008-4256)
Visual Basic is an event-driven programming language that was created by Microsoft for building stand alone Windows-based programs. Developers can use it for quickly building GUI applications. Several remote code execution vulnerabilities have been reported in Microsoft Visual Basic: CVE-2008-425...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
Openwsman HTTP Basic Authentication buffer overflow
Added: 10/17/2008 CVE: CVE-2008-2234 BID: 30694 OSVDB: 47534 Background Openwsman is an open-source implementation of the Web Services Management specification. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP Basic...
[SECURITY] Fedora 9 Update: neon-0.28.3-1.fc9
neon is an HTTP and WebDAV client library, with a C interface; providing a high-level interface to HTTP and WebDAV methods along with a low-level interface for HTTP request handling. neon supports persistent connections, proxy servers, basic, digest and Kerberos authentication, and has complete S...
Immunity Canvas: MS08_062
Name | ms08062
---|---
CVE | CVE-2008-1446
Exploit Pack | CANVAS
Description | Windows Internet Printing Service Overflow
Notes | CVE Name: CVE-2008-1446 VENDOR: Microsoft Notes: This exploit will try and listen for connection on port 445/TCP. Thus it needs to be run as root under Linux, or as...
FreeBSD Ports: apache+ssl
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...