PT-2025-48106

Name of the Vulnerable Software and Affected Versions DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30 through 7000 Description An unauthenticated attacker can delete arbitrary files. The deleteupgrade parameter within the /var/www/upgrade contents.php file allows for the...

Eformics Systems Sql Injection Vulnerability

Exploit for php platform in category web applications Eformics Systems Multiple Sql Injection Vulnerability ======================================================================= .:. Author : AtT4CKxT3rR0r1ST email protected .:. Script : http://www.eformics.com/ .:. Dork : "Powered by: Eformics...

CVE-2004-2511

Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...

CVE-2004-2511

Multiple cross-site scripting XSS vulnerabilities in DCP-Portal 5.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the year, 2 month, and 3 day parameters in calendar.php; 4 the cid and 5 url parameters in index.php; 6 the cid parameter in annoucement.php; 7 the...

CVE-2002-0282

DCP-Portal versions 3.7–4.5 contain an information disclosure vulnerability that allows remote attackers to obtain the server’s physical path. The issue occurs when an empty request to add_user.php is made, or via an invalid new_language parameter in contents.php, categories.php, or files.php, ca...