63 matches found
EUVD-2005-0829
Malware in sbrugna...
EUVD-2007-6347
Malware in sbrugna...
EUVD-2005-0828
Malware in sbrugna...
EUVD-2003-0485
Malware in sbrugna...
CVE-2007-6380
Multiple SQL injection vulnerabilities in e-Xoops exoops 1.08, and 1.05 Rev 1 through 3, allow remote attackers to execute arbitrary SQL commands via the 1 lid parameter to a mylinks/ratelink.php, b adresses/ratefile.php, c mydownloads/ratefile.php, d mysections/ratefile.php, and e...
RunCMS 1.1 Database Configuration Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12848/info RunCMS is reportedly affected by an information disclosure vulnerability. This issue is due to a failure in the application to secure sensitive information. Exploitation of this vulnerability could lead to the...
E-Xoops 1.0.5/1.0.8 mylinks/ratelink.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 mysections/ratefile.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 modules/banners/click.php bid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 adresses/ratefile.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 modules/arcade/index.php gid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 mydownloads/ratefile.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
E-Xoops 1.0.5/1.0.8 myalbum/ratephoto.php lid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/26796/info E-Xoops is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to...
bcoos 1.0.10 (lfi / SQL Injection) Multiple Vulnerabilities
No description provided by source. WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: Bcoos Multiple Vulnerabilities Vendor: http://www.bcoos.net/ Bugs: Local File Inclusion, Sql Injection Vulnerable Version: bcoos 1.0.10 prior versions also may be affected...
DevTracker Module For bcoos 1.1.11 and E-xoops 1.0.8 Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/27619/info DevTracker module for bcoos and E-xoops is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute...
E-Xoopport 3.1 SQL Injection
= 5 this may take some minutes.. / EXPLOIT / errorreporting0; iniset"defaultsockettimeout",30; settimelimit0; function httpsend$host, $packet $sock = fsockopen$host, 80; $c = 0; while !$sock if $c++ == 10 die; print "\n- No response from ".$host.":80 Trying again..."; $sock = fsockopen$host,80;...
CVE-2008-7036
Multiple cross-site scripting XSS vulnerabilities in index.php in DevTracker module 3.0 for bcoos 1.1.11 and earlier, and DevTracker module 0.20 for E-XooPS 1.0.8 and earlier, allow remote attackers to inject arbitrary web script or HTML via the 1 direction and 2 orderby parameters...
E-Xoops 1.08 SQL Injection
Author: Dante90, WaRWolFz Crew Title: 0-Day SQL Injection E-Xoops = 1.08 By Dante90 MSN: [email protected] Web: www.warwolfz.org 0-Day SQL Injection E-Xoops = 1.08 By Dante90 code http://www.victimesite.org/WaRWolFz/modules/mylinks/ratelink.php?lid=-1UNION SELECT CONCATname,CHAR32,58,32,pas...
popnupblog-xss.txt
PopnupBlog index.php multiple variables XSS Vendor url:http://www.bluemooninc.biz/ Advisore:http://lostmon.blogspot.com/2008/08/ popnupblog-indexphp-multiple-variables.html Vendor notify:no exploits availables:yes PopnupBlog contains a flaw that allows a remote cross site scripting attack.This fl...
rmsoftminishop-xss.txt
RMSOFT MiniShop module multiple variable XSS Vendor url:http://redmexico.com.mx Advisore:http://lostmon.blogspot.com/2008/08 /rmsoft-minishop-module-multiple.html Vendor notify:no exploit available:yes RMSOFT MiniShop is a E-commerce php/Mysql script module for multiple CMS Systems like...