CVE-2007-1517

The vulnerability CVE-2007-1517 affects WSN Guest versions 1.02 and 1.21. A SQL injection flaw exists in comments.php that allows remote attackers to execute arbitrary SQL commands through the id parameter. The provided documents do not specify affected database, specific payloads, or concrete ex...

wsnguest-sql.txt

WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit SQL Injection Code Search Board ALL UniquE-KeyUniquE-Cracker [email protected]...

WSN Guest 1.21 - 'id' SQL Injection

WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection Exploit SQL Injection Code Search Board ALL UniquE-KeyUniquE-Cracker [email protected]/...

WSN Guest 1.21 (comments.php id) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================= WSN Guest 1.21 comments.php id Remote SQL Injection Exploit ============================================================= WSN Guest 1.21 Version Comments.PHP "ID" SQL Injection...

CVE-2007-0865

SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter...

CVE-2007-0865

CVE-2007-0865 describes an SQL injection in the file comments.php of LushiNews 1.01 and earlier . The vulnerability allows remote authenticated users to inject arbitrary SQL commands through the id parameter. The entry scopes impact to partial confidentiality, integrity, and availability, with a ...

LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit

No description provided by source. % Response.Buffer = True % % On Error Resume Next % % Server.ScriptTimeout = 100 % % '=============================================================================================== 'Script Name: LushiNews = 1.01 comments.php Remote SQL Injection Exploit 'Coded ...

LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================= LushiNews exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % functio...

LushiNews 1.01 - &#039;comments.php&#039; SQL Injection

exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % function functionControl1 setTimeout"functionControl2",2000; function functionControl2 ifdocument.form1.field1.value=="" alert"Exploit...

LushiNews 1.01 - comments.php SQL Injection

LushiNews 1.01 - comments.php SQL Injection exploit2.asp 'Update: + Get Header 'Update: + Get Whois Info '=============================================================================================== % function functionControl1 setTimeout"functionControl2",2000; function functionControl2...

CVE-2006-6211

Multiple cross-site scripting XSS vulnerabilities in BirdBlog 1.4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 msg parameter to a admin/admincore.php, the 2 month parameter to b admin/comments.php or c admin/entries.php, or the 3 page parameter to d admin/logs.php,...

Advanced Poll 2.0.7 Remote File Include Vulnerability

Advanced Poll Advanced Poll 2.0.7 Remote File Include Vulnerability Found by: beks Bug in booth.php captcha.php comments.php png.php www.site.com/path/booth.php?includepath=shell www.site.com/path/captcha.php?includepath=shell www.site.com/path/comments.php?includepath=shell...

CVE-2006-5398

SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2006-5398

SQL injection vulnerability in comments.php in Simplog 0.9.3.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2006-5398

The CVE-2006-5398 entry concerns Simplog 0.9.3.1, where a SQL injection vulnerability exists in comments.php. The flaw allows remote attackers to execute arbitrary SQL commands by supplying a crafted cid parameter. The vulnerability is documented across multiple sources (NVD/NIST) with the same d...

Simplog 0.9.3.1 - &#039;comments.php&#039; SQL Injection

!/usr/bin/php input t...

CVE-2006-5282

SH-News 3.1 and earlier is affected by multiple PHP remote file inclusion vulnerabilities. The flaw allows an attacker to trigger arbitrary PHP code execution by supplying a URL in the scriptpath parameter to one of five pages: report.php, archive.php, comments.php, init.php, or news.php. The iss...

advancedpoll202.txt

+-------------------------------------------------------------------- + + Advanced Poll v2.02 : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: Advanced Poll v2.02 + Venedor ...........: http://www.proxy2.de + Class...

iwebnegar11.txt

:: IwebNegar v1.1 Multiple vulnerabilities :: ------------------------------------------------ Software : IwebNegar v1.1 Website : ---- Bug Discover : Hessam-x / www.hessamx.net I. Cross Site Scripting Vulnerability ------------------------------------------------- Parameter "comment" are not...

CVE-2006-4497

SQL injection vulnerability in comments.php in IwebNegar 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...