138 matches found
CVE-2009-2853
Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to 1 admin-footer.php, 2 edit-category-form.php, 3 edit-form-advanced.php, 4 edit-form-comment.php, 5 edit-link-category-form.php, 6 edit-link-form.php, 7 edit-page-form.php, and 8 edit-tag-form.php in wp-admin...
Cross site scripting
Cross-site scripting XSS vulnerability in the anonymous comments feature in lib-comment.php in glFusion 1.1.0, 1.1.1, and earlier versions allows remote attackers to inject arbitrary web script or HTML via the username parameter to comment.php...
CVE-2009-0455
The CVE concerns glFusion’s anonymous comments feature. Affected product/version: glFusion 1.1.0, 1.1.1, and earlier. Vulnerability: Cross-site scripting (XSS) in lib-comment.php allowing remote attackers to inject arbitrary web script or HTML via the username parameter to comment.php. Root cause...
Directory traversal
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery ESPG 1.72 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as ...
ESPG 1.72 File Disclosure
.::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke, TheJT, Maria, Alucard, x0r32 = Vulnerable Code in...
ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability
No description provided by source. .::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke, TheJT, Maria, Alucard...
ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure
ESPG Enhanced Simple PHP Gallery 1.72 - File Disclosure .::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke,...
AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability
No description provided by source. proud to be muslim rEm0te sql injction VulnErability ajhyip manager script AuTh0r : security fears team Home : WwW.alsonaa.com members: HeB4RieH , germay...
AJ HYIP ACME (comment.php artid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================ AJ HYIP ACME comment.php artid SQL Injection Vulnerability ============================================================ proud to be muslim rEm0te sql injction VulnErability ajhyi...
Sql injection
SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter...
CVE-2008-3378
SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter...
CVE-2008-3378
SQL injection vulnerability in comment.php in Fizzmedia 1.51.2 allows remote attackers to execute arbitrary SQL commands via the mid parameter...
CVE-2008-3378
CVE-2008-3378 describes an SQL injection in the PHP file comment.php of Fizzmedia 1.51.2 , exploitable by remote attackers via the mid parameter to execute arbitrary SQL commands. The connected documents confirm the vulnerable component and the injection vector but do not provide details on explo...
FizzMedia 1.51.2 (comment.php mid) SQL Injection Vulnerability
No description provided by source. Viva IslaM Viva IslaM Remote SQL injection Vulnerability FizzMedia 1.51.2 comment.php mid AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...
FizzMedia 1.51.2 - SQL Injection
FizzMedia 1.51.2 - SQL Injection Viva IslaM Viva IslaM Remote SQL injection Vulnerability FizzMedia 1.51.2 comment.php mid AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...
FizzMedia 1.51.2 (comment.php mid) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== FizzMedia 1.51.2 comment.php mid SQL Injection Vulnerability ============================================================== Viva IslaM Viva IslaM Remote SQL injection...
CVE-2008-2455
CVE-2008-2455: SQL injection in MacGuru BLOG Engine plugin 2.2 for e107, in comment.php via the rid parameter, allowing remote SQL execution. Affected: MacGuru BLOG Engine plugin 2.2 on e107. Base CVSS 7.5 (HIGH) with network attack, low complexity, no authentication. No remediation details provi...
CVE-2008-2455
SQL injection vulnerability in comment.php in the MacGuru BLOG Engine plugin 2.2 for e107 allows remote attackers to execute arbitrary SQL commands via the rid parameter...
e107 Plugin BLOG Engine 2.2 (rid) Blind SQL Injection Vulnerability
No description provided by source. + Author: Saime + Script: e107 Plugin BLOG Engine v2.2 rid Blind SQL Injection + URL: http://e107coders.org/download.php?view.1843 + Date: 13/05/2008 + Greetz: BaKo,DrWh4x,optiplex,xprog,cam-man-dan,Tulle,t0pP8uZz,Inspiratio,Novalok,illuz1oN,Untamed,GM,str0ke, a...
e107blog-blindsql.txt
Author: Saime + Script: e107 Plugin BLOG Engine v2.2 rid Blind SQL Injection + URL: http://e107coders.org/download.php?view.1843 + Date: 13/05/2008 + Greetz: BaKo,DrWh4x,optiplex,xprog,cam-man-dan,Tulle,t0pP8uZz,Inspiratio,Novalok,illuz1oN,Untamed,GM,str0ke, and everyone else I forgot! + Site:...