1622 matches found
Viennabux Beta! 'cat' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39602/info Viennabux Beta! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...
iOS Serversman 3.1.5 - HTTP Remote DoS Exploit
No description provided by source. !/usr/bin/python Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS exploit Found by: Steven Seeley mrme seeleymagic at hotmail dot com Homepage: http://serversman.com/indexen.jsp Download: From the app store Free - use your Itunes account Tested on: Iphone 3G...
Allomani News 1.0 - CSRF Vulnerability (Add Admin)
No description provided by source. News 1.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/newsscript.html === Exploit === form method=POST name=form0...
AllMyGuests <= 0.4.1 (AMG_id) Remote SQL Injection Vulnerability
No description provided by source. Found by : -=Player=- Contacts : 282-246-419 ICQ Greatz to: LidlosesAuge, Suicide, enco, Free-Hack Script : AllMyGuests Site : http://www.php-resource.net/ Dork : powered by AllMyGuests Valnu : index.php Parameter: AMGid Injection:...
Ipswitch WhatsUp Professional 2006 Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16771/info Ipswitch WhatsUp Professional 2006 is susceptible to a remote denial-of-service vulnerability. This issue is due to the application's failure to properly handle certain HTTP GET requests. This issue allows remo...
I-Pos Internet Pay Online Store <= 1.3 Beta SQL Injection Vulnerability
No description provided by source. + Title : I-Pos Internet Pay Online Store v1.3 Beta = Remote SQL Injection Vulnerability ========================================================================================== + Author : KnocKout + Special ThanX : Dr.Kacak & Cr@zy-King and CW ALL USERS . . ....
PoPToP PPTP <= 1.1.4-b3 Remote Root Exploit (poptop-sane.c)
No description provided by source. / Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained...
Joomla Component equotes 0.9.4 - Remote SQL injection Vulnerability
No description provided by source. /---------------------------------------------------------------\ \ / / Joomla Component equotes Remote SQL injection \ \ / ---------------------------------------------------------------/ Author : His0k4 ALGERIAN HaCkEr Dork : inurl:comeQuotes POC :...
Banshee 1.4.2 DAAP Extension 'apps/web/vs_diag.cgi' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34507/info Banshee DAAP Extension is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
V-webmail 1.6.2 - Multiple Cross-Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/16706/info V-webmail is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary script...
NoticeWare Email Server 4.6 NG LOGIN Messages Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30605/info NoticeWare Email Server NG is prone to a denial-of-service vulnerability because it fails to handle user-supplied input. Remote attackers can exploit this issue to deny service to legitimate users. NoticeWare...
BEA WebLogic 6/7/8 InteractiveQuery.jsp Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8938/info It has been reported that BEA WebLogic InteractiveQuery.jsp example application is prone to a cross-site scripting vulnerability. The issue is reported to exist due insufficient sanitization of user-supplied dat...
Yellow Swordfish Simple Forum 1.10/1.11'topic' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27823/info Simple Forum is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise...
Pidgin MSN <= 2.6.4 File Download Vulnerability
No description provided by source. !/usr/bin/env python Pidgin MSN = 2.6.4 file download vulnerability 19 January 2010 Mathieu GASPARD [email protected] Description: Pidgin is a multi-protocol Instant Messenger. This is an exploit for the vulnerability1 discovered in Pidgin by Fabian Yamaguchi. T...
OSSIM 2.1 - SQL Injection and xss
No description provided by source. OSSIM - Open Source Security Information Management is vulnerable to multiple security vulnerabilities. 1. SQL Injections 2. Linked XSS 3. Unauthorized access Digital Security Research Group DSecRG Advisory DSECRG-09-055 Application: OSSIM Versions Affected: 2.1...
Kartli Alisveris Sistemi 1.0 - Remote SQL Injection Vulnerability
No description provided by source. Discovered by: kerem125 & gsy Website: http://www.kerem125.com/ & http://www.by-gsy.org/ Script download: http://download.asprehberi.net/dosyalar/kategoriler/alisveris/freepaypalshoppingcarttr.zip Exploit:...
PHP/FI 1.0/FI 2.0/FI 2.0 b10 mylog/mlog Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/713/info The PHP/FI package which was originally written by Rasmus Lerdorf is an is an HTML-embedded scripting language. Much of its syntax is borrowed from C, Java and Perl with a couple of unique PHP-specific features...
Allomani Super Multimedia Library 2.5.0 - CSRF Vulnerability (Add Admin)
No description provided by source. Super Multimedia Library 2.5.0 XSRF Vulnerability Add Admin ==================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://allomani.com/en/mediascript.html === Exploit === form method=POST...
p.mapper 3.2 beta3 plugins/export/mc_table.php _SESSION[PM_INCPHP] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/26614/info p.mapper is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and th...
TotalECommerce <= 1.0 (index.asp id) Remote SQL Injection Exploit
No description provided by source. Original advisory: http://www.nukedx.com/?viewdoc=18 Advisory by: nukedx Full PoC Explotation: GET - http://victim/dir/index.asp?secao=PageID&id=SQL EXAMPLE 1 -...