aflog-sqlxss.txt

Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/ Vulnerability type: SQL Injection comments.php and XSS Author: shinmai, 2008-01-22 Description: SQL INJECTION: SQL injection is possible in comments.php for the GET variable 'id', like this:...

Sql injection

Multiple SQL injection vulnerabilities in aflog 1.01, and possibly earlier versions, allow remote attackers to execute arbitrary SQL commands via 1 the id parameter to comments.php and 2 an unspecified parameter to view.php...

aflog 1.01 comments.php XSS / SQL Injection Vulnerability

No description provided by source. Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/ Vulnerability type: SQL Injection comments.php and XSS Author: shinmai, 2008-01-22 Description: SQL INJECTION: SQL injection is possible in comments.php for the GET variable 'id', like this:...

aflog 1.01 - Cross-Site Scripting SQL Injection

aflog 1.01 - Cross-Site Scripting SQL Injection Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/ Vulnerability type: SQL Injection comments.php and XSS Author: shinmai, 2008-01-22 Description: SQL INJECTION: SQL injection is possible in comments.php for the GET variable 'id', like...

aflog 1.01 comments.php XSS / SQL Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================= aflog 1.01 comments.php XSS / SQL Injection Vulnerability ========================================================= Name: aflog 1.01 and possibly earlier Webiste: http://aflog.org/...

Arbitrary file edit, Local file include, Directory traversal and Full path disclosure in WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Arbitrary file edit, Local file include, Directory traversal и Full path disclosure уязвимостях в WordPress. Дыры в файле templates.php в параметрах file и page и файлах edit-pages.php, categories.php, edit-comments.php, moderation.php, post.php и...

Sql injection

Multiple SQL injection vulnerabilities in MeGaCheatZ 1.1 allow remote attackers to execute arbitrary SQL commands via the ItemID parameter to 1 comments.php, 2 view.php, 3 siteadmin/ViewItem.php, and unspecified other vectors...

Sql injection

SQL injection vulnerability in patch/comments.php in SH-News 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2007-6391

The CVE-2007-6391 entry concerns an SQL injection in SH-News 3.0, specifically in patch/comments.php where the id parameter is vulnerable. Multiple connected documents confirm this: remote attackers can inject arbitrary SQL commands via id, indicating a server-side query construction flaw in SH-N...

SH-News 3.0 - 'comments.php' SQL Injection

...:::::SH-News 3.0 SQL Injection Vulnerbility ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world hadiaryaie200...

SH-News 3.0 (comments.php id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ SH-News 3.0 comments.php id Remote SQL Injection Vulnerability ================================================================ ...:::::SH-News 3.0 SQL Injection Vulnerbility...

Sql injection

Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 viewimage.php and 2 comments.php...

wpquiz-sql.txt

Tytul: wpQuiz 2.7 Remote SQL Injection Vulnerability http://wireplastik.com/projects.php Autor: Kacper E-Mail: [email protected] Strona: devilteam.eu Irc: irc.myg0t.com devilteam Blad:...

wpQuiz 2.7 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Tytul: wpQuiz 2.7 Remote SQL Injection Vulnerability http://wireplastik.com/projects.php Autor: Kacper E-Mail: [email protected] Strona: devilteam.eu Irc: irc.myg0t.com devilteam Blad:...

wpQuiz 2.7 - Multiple SQL Injections

wpQuiz 2.7 - Multiple SQL Injections Tytul: wpQuiz 2.7 Remote SQL Injection Vulnerability http://wireplastik.com/projects.php Autor: Kacper E-Mail: [email protected] Strona: devilteam.eu Irc: irc.myg0t.com devilteam Blad:...

wpQuiz 2.7 - Multiple SQL Injections

Tytul: wpQuiz 2.7 Remote SQL Injection Vulnerability http://wireplastik.com/projects.php Autor: Kacper E-Mail: [email protected] Strona: devilteam.eu Irc: irc.myg0t.com devilteam Blad:...

shnew31-rfi.txt

Found By : Hasadya Raed Contact : [email protected] --------------------------- Script : SH-News 3.1 Dork : "Powered by SH-News 3.1" Greetz : Guardian Information Systems --------------------------- B.Files : report.php archive.php comments.php init.php news.php Exploits :...

CVE-2007-3198

CVE-2007-3198 is an XSS vulnerability in Maran PHP Blog (comments.php) where the id parameter can be exploited to inject arbitrary script/HTML. Affected versions are possibly before 2007-06-10. The issue allows remote attackers to execute script in the context of the victim’s browser; impact per ...

Sql injection

SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2007-1517

SQL injection vulnerability in comments.php in WSN Guest 1.02 and 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter...