Esselbach Storyteller CMS System 1.8 - SQL Injection

Exploit Title: Esselbach Storyteller CMS System Version 1.8 page.php Remote SQL Injection Vulnerability Date: March, 9th 2011 GMT +7 Author: Shamus Software Link: http://www.esselbach.com/ Version : Esselbach Storyteller CMS System Version 1.8 Tested on: windows CVE : -...

openSUSE Security Update : gpg2 (openSUSE-SU-2010:0479-1)

GnuPG2 was vulnerable to arbitrary code execution by context-dependent attackers because of reusing a freed pointer when verifying a signature or importing a certificate with many 'Subject Alternate Names'. CVE-2010-2547 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

Anantasoft's Gazelle CMS 1.0 XSS

/ /ghostblup\ \ / / i love you Indonesia \ \ / / i love you ratih \ \ / / i love you full \ \ --------------------- -------------------------- ============================================ ----------------------------------------------------------------------------------------...

Attachmax Dolphin <= 2.1.0 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== Attachmax Dolphin = 2.1.0 Multiple Remote Vulnerabilities ==========================================================...

Prozilla Hosting Index - cat_id SQL Injection

Prozilla Hosting Index - catid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV88$2008 ----------------------------------------------------------------------------------------- ECHOADV88$2008 Prozilla Hosting Index directory.php catid Blind...

[SA22075] Web-News &quot;content_page&quot; File Inclusion Vulnerability

TITLE: Web-News "contentpage" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA22075 VERIFY ADVISORY: http://secunia.com/advisories/22075/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Web-News 1.x http://secunia.com/product/12104/ DESCRIPTION: Drago84 has...

[SA21955] aeDating &quot;dir[inc]&quot; File Inclusion Vulnerabilities

TITLE: aeDating "dirinc" File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA21955 VERIFY ADVISORY: http://secunia.com/advisories/21955/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: aeDating 4.x http://secunia.com/product/5709/ aeDating 3.x...

[SA21796] photokorn &quot;dir_path&quot; File Inclusion Vulnerabilities

TITLE: photokorn "dirpath" File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA21796 VERIFY ADVISORY: http://secunia.com/advisories/21796/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: photokorn 1.x http://secunia.com/product/9586/ DESCRIPTION: Some vulnerabilitie...

[SA21594] SportsPHool &quot;mainnav&quot; File Inclusion Vulnerability

TITLE: SportsPHool "mainnav" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA21594 VERIFY ADVISORY: http://secunia.com/advisories/21594/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: SportsPHool 1.x http://secunia.com/product/11629/ DESCRIPTION: Kacper has...

[SA20884] MKPortal &quot;ind&quot; Local File Inclusion Vulnerability

---------------------------------------------------------------------- Reverse Engineer Wanted Secunia offers a Security Specialist position with emphasis on reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports...

plumeCMS113.txt

The original article can be found at: http://www.hamid.ir/security/ http://www.IHSteam.com Vulnerable Systems: Plume CMS 1.1.3 Vulnerable Code : path/plume-1.1.3/plume/manager/tools/link/dbinstall.php //Vulnerable Code :line 39 requireonce $PXconfig'managerpath'.'/inc/class.checklist.php';...

StudIP1302.txt

/------------------------------------------------ IHS Public advisory -------------------------------------------------/ Stud.IP Remote File Inclusion Stud.IP is a learning and an information management system for universities, educational facilities and enterprises. http://www.studip.de...

Plume CMS 1.1.3 - dbinstall.php Remote File Inclusion

Plume CMS 1.1.3 - dbinstall.php Remote File Inclusion /------------------------------------------------ IHS Public advisory -------------------------------------------------/ Plume CMS Remote File Inclusion It uses PHP and MySql. With a single installation of Plume you can have multiple websites,...

Plume CMS 1.1.3 (dbinstall.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================= Plume CMS 1.1.3 dbinstall.php Remote File Include Vulnerability =================================================================...

Plume CMS 1.1.3 (dbinstall.php) Remote File Include Vulnerability

No description provided by source. /------------------------------------------------ IHS Public advisory -------------------------------------------------/ Plume CMS Remote File Inclusion It uses PHP and MySql. With a single installation of Plume you can have multiple websites, file management,...

Plume CMS 1.1.3 - &#039;dbinstall.php&#039; Remote File Inclusion

/------------------------------------------------ IHS Public advisory -------------------------------------------------/ Plume CMS Remote File Inclusion It uses PHP and MySql. With a single installation of Plume you can have multiple websites, file management, multiple authors with different righ...

Stud.IP 1.3.0-2 - Multiple Remote File Inclusions

/------------------------------------------------ IHS Public advisory -------------------------------------------------/ Stud.IP Remote File Inclusion Stud.IP is a learning and an information management system for universities, educational facilities and enterprises. http://www.studip.de...

[SA20115] Php Blue Dragon CMS &quot;vsDragonRootPath&quot; File Inclusion

TITLE: Php Blue Dragon CMS "vsDragonRootPath" File Inclusion SECUNIA ADVISORY ID: SA20115 VERIFY ADVISORY: http://secunia.com/advisories/20115/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Php Blue Dragon CMS 2.x http://secunia.com/product/9942/ DESCRIPTION: Kacper...

Sire2.0Nws.txt

by Moroccan Security Team Geetz To All Freind +File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files Successful exploitation requires that "registerglobals" is enabled. lire.php code +Exploit: Exploit...

[SA16115] Hosting Controller Multiple Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...