Super Simple Blog Script 2.5.4 - Local File Inclusion Vulnerability

No description provided by source. ----------exploit Debut Local File Inclusion Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : mm : Moghla9 Ferme Closed ----------Script Info Site:http : http://www.supersimple.org/ Download :...

IwebNegar 1.1 Comments.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19757/info IwebNegar is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to...

AllMyGuests <= 0.3.0 (AMG_serverpath) Remote Inclusion Vulnerabilities

No description provided by source. AllMyGuests 3.0 Remote File Inclusion Vulnerability Software: AllMyGuests Version: 3.0 Download: http://download.php-resource.net/AllMyGuests/AllMyGuests0.3.0.zip Found By: beks Bug In: /include/submit.inc.php /admin/index.php /include/cmsubmit.inc.php...

WordPress 1.2 edit-comments.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/11268/info It is reported that Wordpress is affected by various cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input. Wordpress 1.2 is...

PicsEngine 2 Beta Cross Site Scripting / SQL Injection

PicsEngine Application error message Vulnerability ================================================== Author indoushka ================================================== vendor : Powered by PicsEngine 2 Beta ================================================== Blind SQL Injection :...

CVE-2013-5099

Cross-site scripting XSS vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are us...

GLPI 0.83.8 SQL Injection

GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique Free Management of Computer Equipment, was...

Chyrp 2.1.2 SQL Injection / Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

piwigo v.2.3.3 SQL Injector

Exploit for php platform in category web applications +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : piwigo SQL comments.php?displaymode=albums SQL 1 myerror...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

CVE-2011-3835

Multiple cross-site scripting XSS vulnerabilities in Wuzly 2.0 allow remote attackers to inject arbitrary web script or HTML via the Referer header to 1 admin/login.php and 2 admin/404.php; the 3 q parameter to search.php; the 4 themename parameter to themesettings.php, 5 extensionname parameter ...

Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss)

Exploit for php platform in category web applications =================================================================== Tugux CMS 1.2 Multiple vulnerability BLIND sql & xss =================================================================== Software: Tugux CMS Vendor: www.tugux.com Vuln Type:...

Tugux CMS 1.2 Cross Site Scripting / Blind SQL Injection

=================================================================== Tugux CMS 1.2 Multiple vulnerability BLIND sql & xss =================================================================== Software: Tugux CMS Vendor: www.tugux.com Vuln Type: BLind SQL Injection Download link:...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in Post Revolution 0.8.0c-2 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests to 1 ajax-weblog-guardar.php, 2 verpost.php, 3 comments.php, or 4 perfil.php...

CVE-2011-1954

Post Revolution 0.8.0c and earlier is affected by CSRF in multiple endpoints (ajax-weblog-guardar.php, verpost.php, comments.php, perfil.php), enabling remote attackers to hijack user sessions. The vulnerability is described consistently across CVE-2011-1954 entries; the root cause is inadequate ...

SiteEngine 'module' SQL Injection Vulnerability

SiteEngine is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-4357

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...

Sql injection

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...

CVE-2010-4357

CVE-2010-4357: SiteEngine 7.1 contains a SQL injection in comments.php via the module parameter, enabling remote arbitrary SQL execution. Technical detail: vulnerable component is the comments.php handler in SiteEngine 7.1; exploit vector is passing crafted module parameters to trigger SQL comman...

CVE-2010-4357

SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter...