171 matches found
Cross-site Scripting (XSS) Vulnerabilities in CruxPA
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in CruxPA which could be exploited to perform cross-site scripting and script insertion attacks. 1 Cross-site scripting XSS vulnerability in CruxPA: CVE-2010-2718 The vulnerability exists due to input sanitation err...
724CMS Enterprise 4.59 SQL Injection
Exploit Title: 724CMS Enterprise Version 4.59 Multiple SQL Injections Date: 11-5-10 Author: t@nzo0n Version: 4.59 Enterprise Code : section.php x Variable : Lang x Exploit : http://target.com/section.php?Nav=Section&ID=5&Lang=sqlinjection index.php x Variable : autoslide x Exploit :...
CVE-2009-4794
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the 1 articleid parameter to view.php and the 2 a parameter in an event action to calendar.php, reachable through index.php...
Sql injection
Multiple SQL injection vulnerabilities in Community CMS 0.5 allow remote attackers to execute arbitrary SQL commands via the 1 articleid parameter to view.php and the 2 a parameter in an event action to calendar.php, reachable through index.php...
vBulletin 2.3.x - SQL Injection
vBulletin 2.3.x - SQL Injection Title: vbulletin Vulnerability versions 2.3 . - SQL injection. Author: Discovered by ROOTEGY Version: vBulletin Version 2.3 =========================================================== www.sec-war.com ===========================================================...
vBulletin 2.3.x - SQL Injection
Title: vbulletin Vulnerability versions 2.3 . - SQL injection. Author: Discovered by ROOTEGY Version: vBulletin Version 2.3 =========================================================== www.sec-war.com =========================================================== Vulnerability versions 2.3 . - SQL...
vBulletin v 2.3 .* SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================== vBulletin v 2.3 . SQL Injection Vulnerability ============================================== Title: vbulletin Vulnerability versions 2.3 . - SQL injection. Author: Discovered by ROOTEGY Versio...
Bitrix Site Manager Remote File Inclusion
Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bugs, but i just write this exploit under perl module...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to 1 Calendar.php, 2 Comment.php, 3 Rss.php and 4 Trackback.php in lib/Loggix/Module/; and 5...
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. In The Name Of Allah Loggix Project = 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ====================================================================== Loggix Project = 9.4.5 Multiple Remote File Inclusion Vulnerabilities ====================================================================== In The Name Of Allah Loggix...
Loggix Project 9.4.5 - Multiple Remote File Inclusions
In The Name Of Allah Loggix Project = 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog : http://sh3ll4u.blogspot.com Dork : No DoRk f0R ScRipT...
CVE-2009-3148
PortalXP Teacher Edition 1.2 is affected by multiple SQL injection vulnerabilities. The issue allows remote attackers to inject arbitrary SQL via the id parameter to calendar.php, news.php, and links.php, and via the assignment_id parameter to assignments.php. These details are consistently descr...
CVE-2009-3148
Multiple SQL injection vulnerabilities in PortalXP Teacher Edition 1.2 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 calendar.php, 2 news.php, and 3 links.php; and the 4 assignmentid parameter to assignments.php...
Community CMS 0.5 Multiple SQL Injection Vulnerabilities
Salvatore "drosophila" Fresta + Application: Community CMS + Version: 0.5 + Website: http://sourceforge.net/projects/communitycms/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Dork: intext:"Powered by Community CMS" + Date: 30 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta +...
Community CMS 0.5 Multiple SQL Injection Vulnerabilities
No description provided by source. Salvatore "drosophila" Fresta + Application: Community CMS + Version: 0.5 + Website: http://sourceforge.net/projects/communitycms/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Dork: intext:"Powered by Community CMS" + Date: 30 Mar 2009 +...
Community CMS 0.5 SQL Injection
Salvatore "drosophila" Fresta + Application: Community CMS + Version: 0.5 + Website: http://sourceforge.net/projects/communitycms/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Dork: intext:"Powered by Community CMS" + Date: 30 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta +...
Community CMS 0.5 - Multiple SQL Injections
Salvatore "drosophila" Fresta + Application: Community CMS + Version: 0.5 + Website: http://sourceforge.net/projects/communitycms/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Dork: intext:"Powered by Community CMS" + Date: 30 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta +...
Unfixed XSS vulnerability at www.abqsoaring.org
Security researcher Gamoscu, has submitted on 03/11/2009 a cross-site-scripting XSS vulnerability affecting www.abqsoaring.org, which at the time of submission ranked 17643148 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/07/2010. It is...
WorkSimple 1.2.1 RFI / Sensitive Data Disclosure Vulnerabilities
No description provided by source. START 0x01 Informations: Script : WorkSimple 1.2.1 Download : http://www.hotscripts.com/jump.php?listingid=85112&jumptype=1 Vulnerability : Remote File Inclusion / Sensitive Data Disclosure Author : Osirys Contact : osirysatlivedotit Notes : Proud to be Italian...