EUVD-2006-6212

Malware in sbrugna...

EUVD-2006-6211

Malware in sbrugna...

EUVD-2005-4006

Malware in sbrugna...

FlatFile Password Disclosure

============================================================================== » Note : Tribute to the martyrs of Gaza . ============================================================================== » FlatFile system Remote Password Disclouse Vulnerability...

FlatFile Login System - Remote Password Disclosure

FlatFile Login System - Remote Password Disclosure ============================================================================== » Note : Tribute to the martyrs of Gaza . ============================================================================== » FlatFile system Remote Password Disclouse...

PHPwebnews 0.2 MySQL Edition - 'det' SQL Injection

...:::::phpwebnews-mysql 0.2 SQL Injection Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir ================================================================================= Discoverd By :virangar security team User In Virangar : d4v00dcr4ck3r...

CWB PRO 1.5 (INCLUDE_PATH) Remote File Inclusion Vulnerabilities

No description provided by source. CWB PRO Version 1.5INCLUDEPATHRemote File Include Vulnerabilites D.Script: http://codewalkers.com/codefiles/373cwbs1.5demo.zip Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Exploit:Path/include/clsheadlineprod.php?INCLUDEPATH=Shell...

CVE-2006-6229

Codewalkers ltwCalendar aka PHP Event Calendar before 4.2.1 logs failed passwords, which might allow attackers to infer correct passwords from the log file...

CVE-2006-6228

Cross-site scripting XSS vulnerability in Codewalkers ltwCalendar aka PHP Event Calendar before 4.2.1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors...

CVE-2006-6228

CVE-2006-6228 is an XSS vulnerability in Codewalkers ltwCalendar (also called PHP Event Calendar) prior to 4.2.1. Remote attackers can inject arbitrary HTML or web script via unknown vectors. The NVD record notes a CVSSv2 base score of 6.8 (MEDIUM) with network attack vector, no authentication, a...

CVE-2006-6229

The CVE-2006-6229 entry affects Codewalkers ltwCalendar (aka PHP Event Calendar) prior to 4.2.1. The underlying issue is that failed login attempts are logged, which could allow an attacker to infer correct passwords from the log file. The available records specify the affected software and the v...

CVE-2006-6228

Cross-site scripting XSS vulnerability in Codewalkers ltwCalendar aka PHP Event Calendar before 4.2.1 allows remote attackers to inject arbitrary HTML or web script via unknown vectors...

tagit2b -- Remote File Inclusion

tagit2b -- Remote File Inclusion Download Source : http://codewalkers.com/codefiles/453tagit2b.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; delTagUser.php bugs ; include"$configpath/errmsg.inc.php"; exmple and methode exploit ;...

calendarSQL.txt

Produit : Calendar Provided by Codewalkers Site officiel : http://Calendar.codewalkers.com Vulnérabilité : SQL Injection Exploitation : /calendar.php?display=event&id=SQL Crédit : Silitix - www.Silitix.com Avis de sécurité original : www.Silitix.com/calendar-cws.php Greetz : Simo64 / MSRT /...

Calendar ( Provided by Codewalkers ) - SQL Injection

Produit : Calendar Provided by Codewalkers Site officiel : http://Calendar.codewalkers.com Vulnйrabilitй : SQL Injection Exploitation : /calendar.php?display=event&id=SQL Crйdit : Silitix - www.Silitix.com Avis de sйcuritй original : www.Silitix.com/calendar-cws.php Greetz : Simo64 / MSRT /...

[Full-disclosure] Calendar ( Provided by Codewalkers ) - SQL Injection

Produit : Calendar Provided by Codewalkers Site officiel : http://Calendar.codewalkers.com Vulnrabilit : SQL Injection Exploitation : /calendar.php?display=event&id=SQL Crdit : Silitix - www.Silitix.com Avis de scurit original : www.Silitix.com/calendar-cws.php Greetz : Simo64 / MSRT / VeNoM630 /...

CVE-2006-3041

CVE-2006-3041 : Codewalkers Ltwcalendar 4.1.3 is described as vulnerable to a PHP remote file inclusion in calendar.php via the ltw_config[include_dir] parameter, potentially allowing remote code execution. The CVE notes that this claim is disputed because the $ltw_config[include_dir] variable is...

CVE-2006-3041

PHP remote file inclusion vulnerability in Ltwcalendar/calendar.php in Codewalkers Ltwcalendar 4.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the ltwconfigincludedir parameter. NOTE: CVE disputes this claim, since the $ltwconfigincludedir variable is defined as a static...

PT-2006-3946 · Codewalkers · Ltwcalendar

Name of the Vulnerable Software and Affected Versions: Codewalkers Ltwcalendar version 4.1.3 Description: The issue allows remote attackers to potentially execute arbitrary PHP code via a URL in the ltw configinclude dir parameter in the Ltwcalendar/calendar.php file. However, it is noted that th...

CVE-2005-4011

SQL injection vulnerability in calendar.php in Codewalkers ltwCalendar aka PHP Event Calendar 4.2, 4.1.3, and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...