38 matches found
CMSUsina 2.2.3 Cross Site Request Forgery
==================================================================================================================================== | Title : CMSUsina V2.2.3 CSRF Add Admin Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.332-bit | |...
PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion...
BSI Hotel Booking System Admin 1.42.0 - Authentication Bypass
BSI Hotel Booking System Admin 1.42.0 - Authentication Bypass ----------------------------------------------------------------------------------------- ECHOADV113$2010 BSI Hotel Booking System Admin Login Bypass Vulnerability...
29o3 CMS (LibDir) Multiple Remote File Inclusion Vulnerability
Description: Some vulnerabilities have been discovered in 2903 CMS, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "CONFIGLibDir" parameter in multiple files is not properly verified before being used to include files. This can be exploited to...
Madirish Webmail 2.01 (basedir) RFI/LFI Vulnerability
Madirish Webmail is prone to Multiple vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow th...
BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...
social-sql.txt
HACKATTACK Advisory 2008-11-20Social Engine 2.7 CRLF Injection + SQL injection Details Product: Social Engine Security-Risk: moderate Remote-Exploit: yes Vendor-URL: http://www.socialengine.net/ Vendor-Status: informed Advisory-Status: published Credits Discovered by: David Vieira-Kurz of...
Attachmax Dolphin <= 2.1.0 Multiple Remote Vulnerabilities
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV101$2008 ----------------------------------------------------------------------------------------- ECHOADV101$2008 Attachmax Dolphin = 2.1.0 Multiple Vulnerability...
Attachmax Dolphin 2.1.0 - Multiple Vulnerabilities
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV101$2008 ----------------------------------------------------------------------------------------- ECHOADV101$2008 Attachmax Dolphin = 2.1.0 Multiple Vulnerability...
maranphp-xss.txt
---------------------------------------------------------------- Script : Maran PHP Blog Type : XSS Pasive Method : GET Alert : Medium ---------------------------------------------------------------- Discovered by : Khashayar Fereidani a.k.a. Dr.Crash My Offical Website : HTTP://FEREIDANI.IR...
[ECHO_ADV_94$2008] Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
ECHOADV94$2008 ----------------------------------------------------------------------------------------- ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni...
PostNuke Module pnEncyclopedia <= 0.2.0 SQL Injection Vulnerability
Exploit for unknown platform in category web applications =================================================================== PostNuke Module pnEncyclopedia = 0.2.0 SQL Injection Vulnerability =================================================================== \ /\ \ / | \ \ | / \ // / | \ | \...
BackLinkSpider 1.1 - cat_id SQL Injection
BackLinkSpider 1.1 - catid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV95$2008 ----------------------------------------------------------------------------------------- ECHOADV95$2008 BackLinkSpider catid Blind Sql Injection Vulnerability...
Maian Weblog v4.0 XSS Vulnerabilities
---------------------------------------------------------------- Script : Maian Weblog v4.0 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...
Lifetype 1.2.7 XSS Vulnerability
---------------------------------------------------------------- Script : Lifetype 1.2.7 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Dr.Crash Or Khashayar Fereidani Our Team : IRCRASH...
bcooslid-sql.txt
bcoos /mysections/ratefile.php lid variable SQL injection vendor url: http://www.bcoops.net Advisore: http://lostmon.blogspot.com/2008/02/ bcoos-mysectionsratefilephp-lid.html vendor notify:NO exploits available: YES bcoos is content-community management system written in PHP-MySQL. bcoops contai...
bcoosexoops-xss.txt
bcoos & E-xoops DevTracker module two variables XSS vendor url: http://www.bcoos.net Vendor url: http://www.e-xoops.com Advisore: http://lostmon.blogspot.com/2008/02/ bcoos-and-e-xoops-devtracker-module-two.html vendor notify:yes exploits available: YES bcoos and E-xoops are two content-community...
dbList XSS vuln.
dbList XSS vuln. Vuln. discovered by : r0t Date: 7 October 2007 Vendor:http://www.livio.net/main/scripts.asp?fileid=24 affected versions:dbList v8.1 other versions also can be affected. dbList contains a flaw that allows a remote Cross-Site Scripting attacks.Input passed to the...
Interact multiple XSS vuln.
Interact multiple XSS vuln. Vuln. discovered by : r0t Date: 21 June 2007 vendor:www.interactole.org orginal advisory: http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html affected versions: tested on "Interact 2.4 beta 1" other versions also can be affected. Interact contains ...
WordPress Plugin wp-Table 1.43 - inc_dir Remote File Inclusion
WordPress Plugin wp-Table 1.43 - incdir Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV82$2007 ----------------------------------------------------------------------------------------- ECHOADV82$2007 wordpress plugins wp-Table = 1.43...