3502 matches found
ZeeReviews - SQL Injection
ZeeReviews - SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability ZeeReviews comments.php ItemID http://www.zeescripts.com AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
CVE-2008-3353
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
CVE-2008-3353
Multiple cross-site scripting XSS vulnerabilities in Pure Software Lore before 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the 1 article comments feature and the 2 search log feature...
PT-2008-4758 · Pure · Pure Software Lore
Name of the Vulnerable Software and Affected Versions: Pure Software Lore versions prior to 1.7.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related ...
Diigo Toolbar crossite scripting
Crossite scripting with publiс comments...
Sql injection
SQL injection vulnerability in comments.php in DCFM Blog 0.9.4 allows remote attackers to execute arbitrary SQL commands via the id parameter...
DCFM Blog 0.9.4 (comments) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================= DCFM Blog 0.9.4 comments Remote SQL Injection Vulnerability ============================================================= Title =======:: DCFM Blog 0.9.4 comments Remote SQL...
Authentication flaw
BlogPHP 2.0 allows remote attackers to bypass authentication, and post 1 messages or 2 comments as an arbitrary user, via a modified blogphpusername field in a cookie...
CVE-2008-2524
BlogPHP 2.0 allows remote attackers to bypass authentication, and post 1 messages or 2 comments as an arbitrary user, via a modified blogphpusername field in a cookie...
Sql injection
SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMGid parameter in a comments action...
CVE-2008-1961
SQL injection vulnerability in index.php in Voice Of Web AllMyGuests 0.4.1 allows remote attackers to execute arbitrary SQL commands via the AMGid parameter in a comments action...
AllMyGuests 0.4.1 - 'AMG_id' SQL Injection
Found by : -=Player=- Contacts : 282-246-419 ICQ Greatz to: LidlosesAuge, Suicide, enco, Free-Hack Script : AllMyGuests Site : http://www.php-resource.net/ Dork : "powered by AllMyGuests" Valnu : index.php Parameter: AMGid Injection:...
gallarific-xss.txt
Hello, I was looking at the free version of gallarific, and I found some suspicious code in the scopbin directory. Attached is a file I found in the zip i downloaded, in case someone wants to decode it. the package can be downloaded from http://www.gallarific.com/download.php Also, the software...
CreateLive CMS Version 4.0 0day-vulnerability warning-the black bar safety net
CreateLive CMS Version 4.0 0day.doc by:xiaok q:391232032.771044833 time: 2008-2-4 0 2:1 0 XP SP2 ie7 iis5. 1...... A tribute to D. S. T you gay, cause Hell-Phantom, the actuator on thin ice, causing the old D, The actuator Doom, causing the group to get help with the culture of the rogue...
Watchers can see comments that they are not supposed to see via email notifications
We have email notifications switched on for our live version of JIRA. If you watch an issue then you receive an email each time somebody comments on that issue. This email contains information about the issue including the comment that was added. This is great as it allows people to keep up to da...
Watchers can see comments that they are not supposed to see via email notifications
We have email notifications switched on for our live version of JIRA. If you watch an issue then you receive an email each time somebody comments on that issue. This email contains information about the issue including the comment that was added. This is great as it allows people to keep up to da...
CVE-2008-0113
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory...
Memory corruption
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory...
CVE-2008-0113
Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory...