EUVD-2010-0398

Malware in sbrugna...

CVE-2010-0367

Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta, and possibly 2.04, allow remote attackers to execute arbitrary PHP code via a URL in the rowptemtemplate parameter to 1 showcasesearch.php and 2 showcase2search.php...

CVE-2010-0366

Multiple unrestricted file upload vulnerabilities in 1 register.php and 2 addvideo.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allow remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta, and possibly 2.04, allow remote attackers to execute arbitrary PHP code via a URL in the rowptemtemplate parameter to 1 showcasesearch.php and 2 showcase2search.php...

CVE-2010-0365

CVE-2010-0365 concerns a stored/reflected cross-site scripting (XSS) vulnerability in the BitScripts Bits Video Script, specifically affecting the search.php endpoint in versions 2.04 and 2.05 Gold Beta. The underlying issue is that user-supplied input in the order parameter can be interpreted as...

CVE-2010-0367

Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta, and possibly 2.04, allow remote attackers to execute arbitrary PHP code via a URL in the rowptemtemplate parameter to 1 showcasesearch.php and 2 showcase2search.php...

CVE-2010-0367

CVE-2010-0367 describes multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta (and possibly 2.04). The issue is exploitable via a crafted URL that injects a value into the rowptem[template] parameter sent to showcasesearch.php and showcase2search.php, a...

CVE-2010-0365

Cross-site scripting XSS vulnerability in search.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allows remote attackers to inject arbitrary web script or HTML via the order parameter...

CVE-2010-0366

CVE-2010-0366 affects BitScripts Bits Video Script (versions 2.04 and 2.05 Gold Beta). The vulnerability lies in two upload components, namely register.php and addvideo.php , where an unrestricted file upload can let an attacker place an executable file in the server and access it via a direct re...

Bits Video Script 2.05 Gold Version XSS / RFI / Shell Upload

======================================================================================== | Title : Bits Video Script 2.05 Gold Version Beta Multti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Script Home :...

Bits Video Script 2.05 Gold Beta - showcasesearch.php?rowptem[template] Remote File Inclusion

Bits Video Script 2.05 Gold Beta - showcasesearch.php?rowptemtemplate Remote File Inclusion source: https://www.securityfocus.com/bid/40709/info Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can...

Bits Video Script 2.042.05 - search.php Cross-Site Scripting

Bits Video Script 2.042.05 - search.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40716/info Bits Video Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Bits Video Script 2.04/2.05 - '/register.php' Arbitrary File Upload / Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the...

Bits Video Script 2.05 Gold Beta - 'showcase2search.php?rowptem[template]' Remote File Inclusion

source: https://www.securityfocus.com/bid/40709/info Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute...

Bits Video Script 2.042.05 - register.php Arbitrary File Upload Arbitrary PHP Code Execution

Bits Video Script 2.042.05 - register.php Arbitrary File Upload Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can...

Bits Video Script 2.05 Gold Beta - 'showcasesearch.php?rowptem[template]' Remote File Inclusion

source: https://www.securityfocus.com/bid/40709/info Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute...

Bits Video Script 2.04/2.05 - 'search.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/40716/info Bits Video Script is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...