12 matches found
EUVD-2007-5649
Malware in sbrugna...
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC
No description provided by source. !-- + Title: Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC + Version: 2.0 Beta 1.1 not tested with older versions + Note: No need administrator to be logged : + Tested on: Linux Ubuntu 11.04 Google Chrome but will work in any other OS + Download...
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC
Exploit for php platform in category web applications Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //|...
Exponent CMS 2.0 Beta 1.1 Cross Site Request Forgery
Exponent CMS 2.0 Beta 1.1 CSRF Add Administrator Account PoC by outlaw.dll body, table, tr, td background-color: 00489C; font-family: Verdana; font-size: 16px; color: FFFFFF; .-""""-. .-""""-. / \ / \ / \ / \ // \ / \ // \ / \ |\ //| |\ //| \ || / \ || / \ / \ / \ / \ / .-""""-. '..'.-""""-...
Cross site scripting
Cross-site scripting XSS vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote attackers to inject arbitrary web script or HTML via the goshout parameter...
CVE-2007-5677
Cross-site scripting XSS vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote attackers to inject arbitrary web script or HTML via the goshout parameter...
CVE-2007-5677
Cross-site scripting XSS vulnerability in shoutbox/blocco.php in Hackish BETA 1.1 allows remote attackers to inject arbitrary web script or HTML via the goshout parameter...
CVE-2007-5677
CVE-2007-5677 describes a cross-site scripting (XSS) vulnerability in the Hackish BETA 1.1 software, specifically in the shoutbox/blocco.php component. The issue allows remote attackers to inject arbitrary web script or HTML by supplying a crafted value to the go_shout parameter. The vulnerabilit...
shoutbox-xss.txt
Hackish BETA 1.1 XSS Discovered by Matrix86 Vendor: http://hackish.eu POF http://site.com/hackish/shoutbox/blocco.php?goshout=Matrix86%3C/a%3E%3C/p%3E%3C/div%3E%3Chtml%3E%3Cscript%3Ealertdocument.cookie;%3C/script%3E%3C/html%3E...
CVE-2006-0079
CVE-2006-0079 describes an SQL injection vulnerability in ScozNet ScozBook BETA 1.1, specifically in auth.php via the adminname (username) field. The underlying issue is unsanitized input allowing a remote attacker to inject arbitrary SQL commands. Documents corroborate exploitation potential and...
ScozBook BETA 1.1 vulnerabilities
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: ScozBook BETA 1.1 vulnerabilities product: ScozBook BETA 1.1 vendor: http://www.scoznet.com risk: high date: 03/29/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/018.en.txt http://f0kp.iplus.ru/bz/018.ru.txt...
ScozBook BETA 1.1 vulnerabilities
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::= topic: ScozBook BETA 1.1 vulnerabilities product: ScozBook BETA 1.1 vendor: http://www.scoznet.com risk: high date: 03/29/2k3 discovered by: euronymous /F0KP advisory urls: http://f0kp.iplus.ru/bz/018.en.txt http://f0kp.iplus.ru/bz/018.ru.txt...