85 matches found
CVE-2008-6381
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter...
CVE-2008-6381
SQL injection vulnerability in modules/adresses/viewcat.php in bcoos 1.0.13, and possibly earlier, allows remote authenticated users with Addresses module permissions to execute arbitrary SQL commands via the cid parameter...
CVE-2008-6381
The CVE-2008-6381 entry describes an SQL injection in bcoos 1.0.13 (and possibly earlier) affecting the module at modules/adresses/viewcat.php. The vulnerability can be triggered by the cid parameter by remote authenticated users who have Addresses module permissions, allowing arbitrary SQL comma...
bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w ============================================ bcoos 1.0.13 Remote SQL Injection Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
bcoos1013-sql.txt
!/usr/bin/perl -w ============================================ bcoos 1.0.13 Remote SQL Injection Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------|...
bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =========================================================== bcoos 1.0.13 viewcat.php cid Remote SQL Injection Exploit =========================================================== !/usr/bin/perl -w ===========================================...
bcoos 1.0.13 - viewcat.php SQL Injection
bcoos 1.0.13 - viewcat.php SQL Injection !/usr/bin/perl -w ============================================ bcoos 1.0.13 Remote SQL Injection Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
bcoos 1.0.13 - 'viewcat.php' SQL Injection
!/usr/bin/perl -w ============================================ bcoos 1.0.13 Remote SQL Injection Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------|...
bcoos 1.0.13 Remote File Include Vulnerability
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + bcoos 1.0.13 Remote File Include Vulnerability + + + + Discovered by DeltahackingTEAM + + + + WwW.DeltaHacking.Net + + + + + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ AUTHOR :...
bcoos 1.0.13 - click.php SQL Injection
bcoos 1.0.13 - click.php SQL Injection source: https://www.securityfocus.com/bid/31941/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
bcoos 1.0.13 - common.php Remote File Inclusion
bcoos 1.0.13 - common.php Remote File Inclusion source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fil...
bcoos 1.0.13 - 'click.php' SQL Injection
source: https://www.securityfocus.com/bid/31941/info The 'bcoos' program is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or...
bcoos 1.0.13 - 'common.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it i...
bcoos-rfi.txt
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + bcoos 1.0.13 Remote File Include Vulnerability + + + + Discovered by DeltahackingTEAM + + + + WwW.DeltaHacking.Net + + + + + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ AUTHOR :...
popnupblog-xss.txt
PopnupBlog index.php multiple variables XSS Vendor url:http://www.bluemooninc.biz/ Advisore:http://lostmon.blogspot.com/2008/08/ popnupblog-indexphp-multiple-variables.html Vendor notify:no exploits availables:yes PopnupBlog contains a flaw that allows a remote cross site scripting attack.This fl...
rmsoft-xss.txt
RMSOFT Downloads Plus two scripts two variables XSS Vendor url:http://www.xoops-mexico.net/ Advisore:http://lostmon.blogspot.com/2008/08/ rmsoft-downloads-plus-two-scripts-two.html Vendor notify:no exploits availables:yes RMSOFT Downloads Plus is a download php/Mysql script module for multiple CM...
rmsoftminishop-xss.txt
RMSOFT MiniShop module multiple variable XSS Vendor url:http://redmexico.com.mx Advisore:http://lostmon.blogspot.com/2008/08 /rmsoft-minishop-module-multiple.html Vendor notify:no exploit available:yes RMSOFT MiniShop is a E-commerce php/Mysql script module for multiple CMS Systems like...
yogurt-xss.txt
Yogurt Social Network multiple scripts uid variable XSS Vendor url:http://sourceforge.net/project/ showfiles.php?groupid=204109 Advisore:http://lostmon.blogspot.com/2008/08/ yogurt-social-network-multiple-scripts.html Vendor notify:no exploits availables:yes Yogurt Social Network is a social...
Directory traversal
Directory traversal vulnerability in highlight.php in bcoos 1.0.9 through 1.0.13 allows remote attackers to read arbitrary files via 1 .. dot dot or 2 C: folder sequences in the file parameter...
CVE-2008-2350
CVE-2008-2350 (CWE-style directory traversal) : Affected software is bcoos, specifically highlight.php versions 1.0.9–1.0.13. The vulnerability arises from an improper handling of the file parameter, enabling directory traversal via ".." sequences or Windows-style C: paths to read arbitrary local...