12 matches found
EUVD-2012-2422
Malware in sbrugna...
EUVD-2012-2421
Malware in sbrugna...
CVE-2012-2435
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the captcha parameter to module.php, as demonstrated by cross-site request forgery CSRF attacks...
Drupal CAPTCHA Module Denial of Service Vulnerability
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. A remote denial of service vulnerability exists in the CAPTCHA module of Drupal. An attacker can exploit this vulnerability to cause a denial of service...
Ovidentia Captcha (Version 0.7) Module Remote File Inclusion Vulnerability
Exploit for php platform in category web applications Title: Ovidentia Module Captcha Version 0.7 Remote File Inclusion Author: GoLdM Download: http://www.ovidentia.org/modules/babArticle731 PoC : \captcha-0-7\programs\captcha.class.php ------------------------------------------------------...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via 1 an arbitrary parameter in a move or 2 minimize action to admin/adminindex.php; 3 the karmausername parameter to module.php in the karma module; 4 q1low, ...
Directory traversal
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the captcha parameter to module.php, as demonstrated by cross-site request forgery CSRF attacks...
CVE-2012-2435
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the captcha parameter to module.php, as demonstrated by cross-site request forgery CSRF attacks...
CVE-2012-2435
Pligg CMS (prior to 1.2.2) has a directory traversal / Local File Inclusion vulnerability in the captcha module (module.php) that allows remote authenticated users to include and execute local files via the captcha parameter, demonstrated as a CSRF-exploitation vector. The CVE entry CVE-2012-2435...
CVE-2010-1865
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...
Sql injection
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...
CVE-2010-1865
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via 1 the IP address to the csgetip function in generate.php in the Captcha module, or 2 the semail parameter to the cssqlselect function in the MySQL database driver...