WSPortal 1.0 - 'content.php' SQL Injection

source: https://www.securityfocus.com/bid/24513/info WSPortal is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or...

Pie Cart Pro => (Home_Path) Remote File Inclusion Exploit

==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.doodlebabies.com/...

CVE-2006-4860

CVE-2006-4860 concerns Limbo (aka Lite Mambo) CMS 1.0.4.2 before 20060311, with multiple vulnerabilities in 12 PHP/HTML files (index.php, minixml.inc.php, doc.inc.php, element.inc.php, node.inc.php, treecomp.inc.php, forum.html.php, forum.php, antihack.php, content.php, initglobals.php, imanager....

Pie Cart Pro - 'Home_Path' Remote File Inclusion

==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.doodlebabies.com/...

Pie Cart Pro - Home_Path Remote File Inclusion

Pie Cart Pro - HomePath Remote File Inclusion ==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz...

Pie Cart Pro (Home_Path) Remote File Include Vulnerability

No description provided by source. ==================================================================== Pie Cart Pro = HomePath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz http://www.doodlebabies.com...

Pie Cart Pro (Home_Path) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ========================================================== Pie Cart Pro HomePath Remote File Include Vulnerability ==========================================================...

Sql injection

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...

CVE-2006-1794

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...

CVE-2005-3986

Multiple SQL injection vulnerabilities in Instant Photo Gallery 1 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter in portfolio.php and 2 cid parameter in content.php...

CVE-2005-3986

This CVE (CVE-2005-3986) affects Instant Photo Gallery (version 1 and earlier). The vulnerability is SQL injection in two parameters: cat_id in portfolio.php and cid in content.php, allowing remote attackers to execute arbitrary SQL commands. The exploitation is described as remote and results in...

phpgreetz.txt

Language: PHP Script: phpgreetz Version: 0.1a Official website: http://sourceforge.net/projects/phpgreetz/ Problem: Remote file inclusion Discovered by: beford & GB Description: =========== Free greeting card website, being built and distributed as open source. Includes all functions and features...

CVE-2005-3586

content.php in Mambo 4.5.2 through 4.5.2.3 allows remote attackers to obtain the installation path of the application via a URL that causes the application to return an error...

CVE-2005-3586

The CVE-2005-3586 issue affects Mambo 4.5.2 through 4.5.2.3. The vulnerability allows remote attackers to discover the installation path by triggering an error-response URL, as described in multiple sources including PT-2005-4372. There is no publicly detailed exploit description beyond this beha...

CVE-2005-0879

CVE-2005-0879 affects Vortex Portal Content Management System. It is a PHP remote file inclusion flaw in content.php and index.php that lets an attacker execute arbitrary PHP code by passing a URL in the act parameter. Documented impact per NVD: partial confidentiality, integrity, and availabilit...

CVE-2005-0880

content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message...

CVE-2005-0879

PHP remote file include vulnerability in 1 content.php and 2 index.php for Vortex Portal allows remote attackers to execute arbitrary PHP code via a URL in the act parameter...