Lucene search
K

97 matches found

Exploit DB
Exploit DB
added 2020/10/09 12:0 a.m.630 views

DynPG 4.9.1 - Persistent Cross-Site Scripting (Authenticated)

Exploit Title: DynPG 4.9.1 - Persistent Cross-Site Scripting Authenticated Date: 2020-10-09 Exploit Author: Enes Özeser Vendor Homepage: https://dynpg.org/ Version: 4.9.1 Tested on: Windows & XAMPP == Tutorial alert"XSS"; == HTTP Request alert"XSS";...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

DynPG CMS 4.1.0 - Multiple Vulnerability (popup.php and counter.php)

No description provided by source. DynPG CMS v4.1.0 Multiple Vulnerability fucking the Web Apps attack edition /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

DynPG CMS 4.1.0 - Multiple Vulnerabilities

No description provided by source. DynPG CMS v4.1.0 Multiple Vulnerability fucking the Web Apps attack edition /\ \ /\ \ /\ /\ \ \ \ \L\ \ \ /'\ /\ \ \ ,\ \ \ \ \ /\ /\ \ /'\ \ , /\ \ /' \ /' \ \ \ /\ \ \ /'\ \ \ /\ \ \ /\ /\ \ \\ \ /\ /\ /\ \L\ \ \ \ \ \ \ \ /\ / \ \ \ /\ \...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.29 views

DynPG 4.2.0 - Multiple Vulnerabilities

No description provided by source. Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixed by...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/05/04 12:0 a.m.40 views

DynPG <= 4.2.1 (FU/RFI/LFI.SQLi) Multiple Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/05/04 12:0 a.m.40 views

DynPG 4.2.1 LFI / RFI / SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

0.1AI score
Exploits0
NVD
NVD
added 2010/12/06 1:37 p.m.21 views

CVE-2010-4400

SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...

7.5CVSS8.4AI score0.02156EPSS
Exploits1References6
NVD
NVD
added 2010/12/06 1:37 p.m.20 views

CVE-2010-4401

languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message...

5CVSS6.1AI score0.0561EPSS
Exploits1References5
NVD
NVD
added 2010/12/06 1:37 p.m.27 views

CVE-2010-4399

Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the CHGDYNPGSETLANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party...

4.3CVSS6.7AI score0.0556EPSS
Exploits1References7
Prion
Prion
added 2010/12/06 1:37 p.m.16 views

Sql injection

SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...

7.5CVSS9AI score0.02156EPSS
Exploits1References6Affected Software1
Prion
Prion
added 2010/12/06 1:37 p.m.17 views

Information disclosure

languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message...

5CVSS6.6AI score0.0561EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2010/12/06 1:37 p.m.15 views

Directory traversal

Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the CHGDYNPGSETLANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party...

4.3CVSS7.2AI score0.0556EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2010/12/04 11:0 p.m.27 views

CVE-2010-4401

languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message...

6.1AI score0.0561EPSS
Exploits1References5
Cvelist
Cvelist
added 2010/12/04 11:0 p.m.23 views

CVE-2010-4400

SQL injection vulnerability in rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands via the giveRightsUserId parameter...

8.4AI score0.02156EPSS
Exploits1References6
CVE
CVE
added 2010/12/04 11:0 p.m.46 views

CVE-2010-4400

DynPG CMS 4.2.0 is vulnerable to SQL injection in _rights.php via the giveRights_UserId parameter due to insufficient input sanitization. This allows remote attackers to execute arbitrary SQL commands against the database, potentially reading, modifying, or deleting data. A fix is available: upgr...

7.5CVSS8.7AI score0.02156EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2010/12/04 11:0 p.m.41 views

CVE-2010-4401

DynPG CMS 4.2.0 is vulnerable via languages.inc.php, where direct requests disclose the installation path due to improper error handling. Exploitation details appear in public advisories; remediation is to apply the DynPG 4.2.1 security update. Other vulnerabilities in DynPG are noted in consolid...

5CVSS6.3AI score0.0561EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2010/12/04 11:0 p.m.32 views

CVE-2010-4399

Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the CHGDYNPGSETLANGUAGE parameter to index.php. NOTE: some of these details are obtained from third party...

6.7AI score0.0556EPSS
Exploits1References7
CVE
CVE
added 2010/12/04 11:0 p.m.48 views

CVE-2010-4399

DynPG CMS versions 4.1.1 and 4.2.0 expose a local file inclusion (LFI) vulnerability in languages.inc.php via the CHG_DYNPG_SET_LANGUAGE parameter to index.php. The root cause is lack of input sanitization before including files, enabling a remote attacker to read arbitrary files through director...

4.3CVSS6.9AI score0.0556EPSS
Exploits1References7Affected Software1
0day.today
0day.today
added 2010/12/01 12:0 a.m.19 views

DynPG 4.2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications ==================================== DynPG 4.2.0 Multiple Vulnerabilities ==================================== Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2010/12/01 12:0 a.m.57 views

LFI in DynPG

Vulnerability ID: HTB22703 Reference: http://www.htbridge.ch/advisory/lfiindynpg.html Product: DynPG Vendor: dynpg.org http://www.dynpg.org/ Vulnerable Version: 4.2.0 Vendor Notification: 16 November 2010 Vulnerability Type: Local File Inclusion Status: Fixed by Vendor Risk level: Medium Credit:...

6.9AI score
Exploits0
Rows per page
Query Builder