138 matches found

Cvelist
added 2011/12/24 7:0 p.m., 17 views

CVE-2011-3835

Multiple cross-site scripting (XSS) vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to (1) admin/login.php and (2) admin/404.php; the (3) q parameter to search.php; the (4) themename parameter to themesettings.php, (5) extensionname parameter ...

5.8 AI score, 0.01132 EPSS
Exploits: 0, References: 26

0day.today
added 2011/12/11 12:0 a.m., 28 views

jPORTAL 2 (comment.php id) Remote SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: jPORTAL 2 SQL Injection Vulnerability Google Dork: "powered by jPORTAL 2" Date: 8/12/2011 Author: H4ckCity Security Team Discovered By: farbodmahini Home: WwW.H4ckCity.Org Software Link: http://jportal2.com/ Version: All Versio...

7.1 AI score
Exploits: 0

Prion
added 2011/10/08 10:55 a.m., 8 views

SQL injection

SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action...

7.5 CVSS, 9 AI score, 0.00413 EPSS
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2011/10/08 10:0 a.m., 34 views

CVE-2010-4897

CVE-2010-4897 is a SQL injection vulnerability affecting BlueCMS 1.6, specifically in comment.php. An attacker could send crafted requests via the X-Forwarded-For HTTP header in a send action to execute arbitrary SQL commands. This is supported by multiple sources (NVD, Red Hat, CVE records). The...

7.5 CVSS, 8.6 AI score, 0.00413 EPSS
Exploits: 0, References: 3, Affected Software: 1

OpenVAS
added 2011/01/07 12:0 a.m., 8 views

Ignition 'comment.php' Local File Include Vulnerability

Ignition is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow...

0.5 AI score
Exploits: 0, References: 3

OpenVAS
added 2011/01/07 12:0 a.m., 16 views

Ignition 'comment.php' Local File Include Vulnerability

Ignition is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...

7 AI score
Exploits: 0, References: 1

Debian CVE
added 2010/12/07 1:0 a.m., 16 views

CVE-2010-4257

SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...

6 CVSS, 6.7 AI score, 0.03296 EPSS
Exploits: 0

CVE
added 2010/12/07 1:0 a.m., 105 views

CVE-2010-4257

CVE-2010-4257 is a SQL injection in WordPress up to version 3.0.2 affecting the do_trackbacks function in wp-includes/comment.php. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field due to improper input sanitization. Related adviso...

6 CVSS, 7.8 AI score, 0.03296 EPSS
Exploits: 0, References: 20, Affected Software: 1

0day.today
added 2010/12/06 12:0 a.m., 27 views

Wordpress function do_trackbacks() SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================== Wordpress function do_trackbacks SQL Injection Vulnerability ============================================================== Description: SQL injection vulnerability in do_trackbacks...

7.1 AI score
Exploits: 0

FreeBSD
added 2010/11/16 12:0 a.m., 19 views

wordpress -- SQL injection vulnerability

Vendor reports: SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress before 3.0.2 allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field...

6 CVSS, 7.9 AI score, 0.03296 EPSS
Exploits: 0, References: 1

Cvelist
added 2010/07/22 10:0 a.m., 17 views

CVE-2009-4936

Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-commentpost.php (aka rss-comentpost.php), or (5)...

8.5 AI score, 0.02104 EPSS
Exploits: 1, References: 9

Prion
added 2010/07/22 5:40 a.m., 10 views

SQL injection

Multiple SQL injection vulnerabilities in Small Pirate (SPirate) 2.1 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to the default URI in an rss .xml action, or the id parameter to (2) pag1.php, (3) pag1-guest.php, (4) rss-commentpost.php (aka rss-comentpost.php), or (5)...

7.5 CVSS, 9.3 AI score, 0.02104 EPSS
Exploits: 1, References: 9, Affected Software: 1

seebug.org
added 2009/12/29 12:0 a.m., 23 views

phpbb-Photo-Album 2.0.53 album-comment.php Cross-Site Scripting Vulnerability

No description provided by source...

7.1 AI score
Exploits: 0

Prion
added 2009/12/28 7:0 p.m., 6 views

Directory traversal

Multiple directory traversal vulnerabilities in Ignition 1.2, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the blog parameter to (1) comment.php and (2) view.php...

6.8 CVSS, 7.8 AI score, 0.04746 EPSS
Exploits: 1, References: 6, Affected Software: 1

0day.today
added 2009/12/20 12:0 a.m., 19 views

Ignition 1.2 Multiple Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities...

7.1 AI score
Exploits: 0

Prion
added 2009/09/30 3:30 p.m., 11 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix/Module/; and (5)...

7.5 CVSS, 8.2 AI score, 0.01464 EPSS
Exploits: 0, References: 2, Affected Software: 1

seebug.org
added 2009/09/22 12:0 a.m., 23 views

Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. In The Name Of Allah Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...

7.1 AI score
Exploits: 0

0day.today
added 2009/09/21 12:0 a.m., 28 views

Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ====================================================================== Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities ====================================================================== In The Name Of Allah Loggix...

7.1 AI score
Exploits: 0

Exploit DB
added 2009/09/21 12:0 a.m., 54 views

Loggix Project 9.4.5 - Multiple Remote File Inclusions

In The Name Of Allah Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog : http://sh3ll4u.blogspot.com Dork : No DoRk f0R ScRipT...

7.4 AI score
Exploits: 0

CVE
added 2009/09/09 10:0 p.m., 30 views

CVE-2009-3118

The CVE-2009-3118 entry concerns Danneo CMS

7.5 CVSS, 8.6 AI score, 0.0042 EPSS
Exploits: 1, References: 3, Affected Software: 1