Dev Web Management System 1.5 - getfile.php?cat SQL Injection

Dev Web Management System 1.5 - getfile.php?cat SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System...

Dev Web Management System 1.5 - download_now.php?target SQL Injection

Dev Web Management System 1.5 - downloadnow.php?target SQL Injection source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management Syst...

Dev Web Management System 1.5 - 'add.php' Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...

Dev Web Management System 1.5 - 'getfile.php?cat' SQL Injection

source: https://www.securityfocus.com/bid/16063/info Dev Web Management System is prone to multiple input validation vulnerabilities. These issues may allow SQL injection and cross-site scripting attacks. Dev Web Management System versions 1.5 and earlier are prone to these issues...

Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit

No description provided by source. ?php ---Dev15sqlxpl.php 9.54 24/12/2005 Dev =1.5 'cat' SQL injection / admin MD5 password hash disclosure coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then g...

Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== Dev Web Management System this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Prohibit the taking of...

CVE-2005-4508

Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file...

CVE-2005-4507

Multiple cross-site scripting XSS vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple unspecified user input fields...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges...

CVE-2005-4508

CVE-2005-4508 affects Nexus Concepts Dev Hound (versions 2.24 and earlier). The vulnerability allows remote attackers to discover the installation path by requesting a URL containing a non-existent .dll file, exposing partial confidentiality via a path disclosure. The available documents do not s...

CVE-2005-4507

CVE-2005-4507 documents multiple cross-site scripting (XSS) vulnerabilities in Nexus Concepts Dev Hound 2.24 and earlier. Affected component: the web application’s user input handling where unvalidated inputs can lead to script/HTML injection. Impact is partial integrity compromise of affected pa...

CVE-2005-4508

Nexus Concepts Dev Hound 2.24 and earlier allows remote attackers to obtain the installation path via a URL containing a non-existent .dll file...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores username and password information in cleartext in the devhound.tdbd file, which allows local users to gain privileges...

CVE-2005-4506

Nexus Concepts Dev Hound 2.24 and earlier stores usernames and passwords in cleartext in the devhound.tdbd file, enabling local users to gain privileges. Affected component: Dev Hound data store file devhound.tdbd. Root cause: credentials saved in cleartext. Impact: local privilege escalation if ...

CVE-2005-3631

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...

security flaw

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords...

CVE-2005-4421

Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name...

CVE-2005-4421

Dev-Editor 3.0 is affected by a directory traversal vulnerability: remote attackers can access directories outside the web root whose names are substrings of the web root directory. This CVE (CVE-2005-4421) is rated CVSSv2 base score 7.5 (HIGH) with network attack vector, low attack complexity, n...

CVE-2005-4421

Dev-Editor 3.0 allows remote attackers to access any directory outside the web root whose name is a substring of the web root directory name...

CVE-2005-4256

Cross-site scripting XSS vulnerability in forum.asp in ASP-DEV XM Forum RC3 allows remote attackers to inject arbitrary web script or HTML via the forumtitle parameter. NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. In addition, its accuracy is in...