Directory traversal

Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter...

myBusinessAdmin (content.php) Blind Sql Injection Vulnerability

Exploit for unknown platform in category web applications =============================================================== myBusinessAdmin content.php Blind Sql Injection Vulnerability =============================================================== .:. Script : myBusinessAdmin .:. Download Script:...

Shout! CMS SQL Injection

Shout! content.php Blind Sql Injection Vulnerability ======================================================= .:. Author : Zero Cold [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : Shout! Script .:. Donwload Script: http://www.mediashaker.com/index.php .:...

Aurora CMS - SQL Injection

Aurora CMS - SQL Injection Exploit Title: Aurora CMS Remote SQL Injection Exploit content.php Date: December 22nd, 2009 Author: Sora Software Link: http://www.auroracms.com.au/ Version: 1.0, 2.0, and 3.0 Tested on: Windows and Linux ------------------------------------------------ Aurora CMS Remo...

Aurora CMS Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================= Aurora CMS Remote SQL Injection Exploit ======================================= Exploit Title: Aurora CMS Remote SQL Injection Exploit content.php Date: December 22nd, 2009 Author: Sora Software Link...

Aurora CMS - SQL Injection

Exploit Title: Aurora CMS Remote SQL Injection Exploit content.php Date: December 22nd, 2009 Author: Sora Software Link: http://www.auroracms.com.au/ Version: 1.0, 2.0, and 3.0 Tested on: Windows and Linux ------------------------------------------------ Aurora CMS Remote SQL Injection Exploit...

Aurora CMS Remote SQL Injection Exploit

No description provided by source. Exploit Title: Aurora CMS Remote SQL Injection Exploit content.php Date: December 22nd, 2009 Author: Sora Software Link: http://www.auroracms.com.au/ Version: 1.0, 2.0, and 3.0 Tested on: Windows and Linux ------------------------------------------------ Aurora...

CVE-2008-6867

SQL injection vulnerability in content.php in Scripts For Sites SFS EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter...

Sql injection

SQL injection vulnerability in content.php in Scripts For Sites SFS EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter...

CVE-2008-6867

CVE-2008-6867 describes an SQL injection in content.php of Scripts For Sites (SFS) EZ Career, exploitable by remote attackers via the topic parameter to execute arbitrary SQL commands. The vulnerability is rated HIGH (CVSS v2: AV:N/AC:L/Au:N/C:P/I:P/A:P) with a base score of 7.5. Multiple sources...

CVE-2008-6867

SQL injection vulnerability in content.php in Scripts For Sites SFS EZ Career allows remote attackers to execute arbitrary SQL commands via the topic parameter...

Abarcar Florist Shop System SQL Injection

abarcar Florist Shop System Script content.php cat Blind/Remote Sql inj script: http://www.abarcar.com/content18.php ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 31.12.2008 Home: www.z0rlu.blogspot.com / www.experl.com N0T:...

1024 CMS <= 1.4.4 Multiple Remote/Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-027 Application: 1024 CMS Versions Affected: 1.4.3, 1.4.4 RFC Vendor URL: http://www.1024cms.com/...

Unfixed XSS vulnerability at www.highyieldliving.com

Security researcher Narcoticxs, has submitted on 30/08/2007 a cross-site-scripting XSS vulnerability affecting www.highyieldliving.com, which at the time of submission ranked 3019558 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/08/2007. I...

Unfixed XSS vulnerability at www.pulp.co.nz

Security researcher Narcoticxs, has submitted on 30/08/2007 a cross-site-scripting XSS vulnerability affecting www.pulp.co.nz, which at the time of submission ranked 1564276 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/08/2007. It is...

Micro CMS 3.5 (revert-content.php) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Micro CMS 3.5 revert-content.php Remote SQL Injection Vulnerability ===================================================================== not sec group Micro CMS 3.5...

Micro CMS 3.5 - &#039;revert-content.php&#039; SQL Injection

not sec group http://www.notsec.com [email protected] Micro CMS 3.5 Class: SQL Injection Found: 28/08/2007 Remote: Yes Site: http://www.impliedbydesign.com/ibd-micro-cms-static-content-manager.html Download: http://www.impliedbydesign.com/apps/microcms/microcms.zip Demo site:...

WSPortal Content.PHP SQL注入漏洞

WSPortal是一款基于PHP的WEB应用程序。 WSPortal不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击获得敏感信息。 问题是由于'Content.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可导致应用程序处理时更改原来的SQL逻辑，攻击者可以获得敏感信息或者操作数据库。 WSPortal WSPortal 1.0 目前没有解决方案提供： http://www.wsportal.co.uk/ http://www.example.com/WSPORTAL-DIRECTORY/content.php?page=0' UNI...

Sql injection

SQL injection vulnerability in content.php in WSPortal 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter...

CVE-2007-3128

SQL injection vulnerability in content.php in WSPortal 1.0, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the page parameter...