141 matches found
CVE-2010-5047
SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter...
V-EVA Classified Script 5.1 - classified_img.php SQL Injection
V-EVA Classified Script 5.1 - classifiedimg.php SQL Injection source: https://www.securityfocus.com/bid/41204/info V-EVA Classified Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
V-EVA Classified Script 5.1 - 'classified_img.php' SQL Injection
source: https://www.securityfocus.com/bid/41204/info V-EVA Classified Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access...
HAVECMS 2.0 Beta <= SQL Injection Vulnerability
Exploit for php platform in category web applications =============================================== HAVECMS 2.0 Beta = SQL Injection Vulnerability =============================================== Author: Aurel 666 Exploit Title: SQL Injection Vendor url:http://havecms.jember.info/ Indonesia...
CVE-2010-2040
Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...
CVE-2010-2040
Cross-site scripting XSS vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allows remote attackers to inject arbitrary web script or HTML via the s parameter...
CVE-2010-2040
CVE-2010-2040 is an XSS in search.php of V-EVA Shopzilla Affiliate Script PHP, exploitable via the s parameter to inject arbitrary script/HTML. Connected sources confirm the vulnerability description but do not provide concrete patch/version details or exploitation specifics. No remediation, affe...
CVE-2008-7183
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the evacaminho parameter to index.php...
CVE-2008-7183
PHP remote file inclusion vulnerability in eva/index.php in EVA CMS 2.3.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the evacaminho parameter to index.php...
CVE-2008-7183
CVE-2008-7183 affects EVA CMS 2.3.1. A PHP remote file inclusion vulnerability in eva/index.php can allow remote code execution when register_globals is enabled, by passing a URL in the eva[caminho] parameter. The potential impact is arbitrary PHP code execution on the affected server, with typic...
evacms-rfi.txt
┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in index.php3 in EVA-Web 1.1 through 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 aide or 2 perso parameter...
CVE-2007-3460
Multiple PHP remote file inclusion vulnerabilities in index.php3 in EVA-Web 1.1 through 2.2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 aide or 2 perso parameter...
CVE-2007-3460
CVE-2007-3460 describes multiple PHP remote file inclusion vulnerabilities in EVA-Web 1.1–2.2. The flaw arises in index.php3 when processing the (1) aide or (2) perso parameter, allowing an attacker to supply a URL that leads to arbitrary PHP code execution on affected servers. The NVD entry list...
EVA-Web 1.1 2.2 - index.php3 Remote File Inclusion
EVA-Web 1.1 2.2 - index.php3 Remote File Inclusion / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ Program Title EVA-Web 1.1=2.2 Remote File Inclusion Note A patch was released some time ago..but there was never an...
EVA-Web 1.1<= 2.2 (index.php3) Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ==================================================================== EVA-Web 1.1= 2.2 index.php3 Remote File Inclusion Vulnerabilities ==================================================================== / \ / \ | | | | | | | | | | | / | |...
evaweb-rfi.txt
/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ Program Title EVA-Web 1.1=2.2 Remote File Inclusion Note A patch was released some time ago..but there was never an exploit released.. Script Download...
EVA-Web 1.1 < 2.2 - 'index.php3' Remote File Inclusion
/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ Program Title EVA-Web 1.1=2.2 Remote File Inclusion Note A patch was released some time ago..but there was never an exploit released.. Script Download...
CVE-2006-2690
An unspecified script in EVA-Web 2.1.2 and earlier, probably index.php, allows remote attackers to obtain the full path of the web server via invalid 1 perso or 2 aide parameters...