CVE-2008-1918

SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magicquotesgpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submitinfo parameter in a link submission action. NOTE: it was later...

BBPortalS 2.0 - Blind SQL Injection

BBPortalS 2.0 - Blind SQL Injection BBPortalS BBsProcesS Remote Blind SQL Injection Exploit Bug Found And Write By Max007 Exploit Tested On V.1.5.10 And V.1.6.2 And 1.5.11 info:For The Version BBPortalS 2.0 name of field is user and password but you have to find name of table !/usr/bin/perl use...

CVE-2007-4153

Multiple cross-site scripting XSS vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 the Options Database Table in the Admin Panel, accessed through options.php; or 2 the opmlurl parameter to link-import.php. NOTE: this might...

CVE-2007-4153

Multiple cross-site scripting XSS vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 the Options Database Table in the Admin Panel, accessed through options.php; or 2 the opmlurl parameter to link-import.php. NOTE: this might...

CVE-2007-4153

Multiple cross-site scripting XSS vulnerabilities in WordPress 2.2.1 allow remote authenticated administrators to inject arbitrary web script or HTML via 1 the Options Database Table in the Admin Panel, accessed through options.php; or 2 the opmlurl parameter to link-import.php. NOTE: this might...

FreeBSD : wordpress -- XMLRPC SQL Injection (0838733d-1698-11dc-a197-0011098b2f36)

Secunia reports : Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the 'wp.suggestCategories' method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...

wordpress -- XMLRPC SQL Injection

Secunia reports: Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...

phpfootball16-disclose.txt

Title : PHPFootball 1.6 show.php Remote Database Disclosure Vulnerability Author : ajann Contact : : S.Page : http://phpfootball.sourceforge.net $$ : Free Dork : inurl:/phpfootball/ DBREAD--------------------------------------------------------- http://target/path//show.php VARIABLES Example:...

PHPFootball 1.6 (show.php) Remote Database Disclosure Vulnerability

Title : PHPFootball 1.6 show.php Remote Database Disclosure Vulnerability Author : ajann Contact : : S.Page : http://phpfootball.sourceforge.net $$ : Free Dork : inurl:/phpfootball/ DBREAD--------------------------------------------------------- http://target/path//show.php VARIABLES Example:...

MyBB 1.0.2 Sniffing table perfix bug in search.php

--------------------Summary---------------- Software: mybb Sowtware's Web Site: http://mybboard.com Versions: 1.0.2 Class: Remote Status: Unpatched Exploit: Available Solution: Not Available Discovered by: imei Risk: low -----------------Description--------------- mybb has a security bug that...

Dynamic Network access version of the storm log library ultimate law-vulnerability and early warning-the black bar safety net

| Dynamic Network access version of the storm log Library The Ultimate Law of the --- | Note:need to obtain a front Desk administrator permissions after use Articles specified in the recycle. asp?...

DEBIAN-CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...