210 matches found
Persistent XSS vulnerability in eBuddy Web Messenger
A team member from Virtual Luminous Security, Russian Federation, has discovered a persistent XSS vulnerability in eBuddy, the biggest web IM solution in the world, by transmitting messages with embedded encoded JavaScript code. In-depth detail...
Nodesforum - '_nodesforum_node' SQL Injection
source: https://www.securityfocus.com/bid/48451/info Nodesforum is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
EA Sports Cross Site Scripting
Information -------------------- Name : XSS Persistent in EA Sports Software : EA Sports Main site Vendor Homepage : http://www.ea.com Vulnerability Type : XSS Persistent Severity : Very High Researcher : Juan Sacco Description ------------------ EA Sports is prone to a XSS Stored vulnerability...
DORG 1.1 Cross Site Request Forgery
DORG 1.1 Exploit database separated by exploit type (local, remote, DoS, etc.) + Site : 1337day.com + Support e-mail : submitat1337day.com I'm KnocKout member from Inj3ct0r Team My Live...
PHP Link Directory Software - 'sbcat_id' SQL Injection
== |Author: BorN To K!LL - h4ck3r |Contact: [email protected] == |Script: PHP link Directory software |Version: n/a |Link: http://www.softbizsolutions.com/php-link-directory-software.php == |3xploit: path/showcats.php?sbcatid=SQL-Injection |3xample:...
Built2Go PHP Shopping - SQL Injection
Script Name: Built2Go PHP Shopping version = 1.7 Site: http://built2go.com/ Script Demo: http://demos.built2go.com/shopping/1/ Found: Br0ly Google Dork: "Powered by Built2Go PHP Shopping" p0c: http://server.com/product.php?cat=16'%20UNION%20ALL%20SELECT%201,@@version,3/ xPloit:...
Joomla Freestyle FAQ 1.5.6 SQL Injection
Exploit Title:Joomla Freestyle FAQ 1.5.6 faqid SQL Injection Date: 16/9/2010 Author: Nc-HaCker Version:1.5.6 Download :http://freestyle-joomla.com/fssdownloads/viewcategory/2 Emial : [email protected] Tested on: XP / Linux ExploiT Example :...
HYM (news_details.php) SQL Injection Vulnerability
Exploit for php platform in category web applications. HYM newsdetails.php SQL Injection Vulnerability +Title: HYM newsdetails.php SQL Injection Vulnerability + About :...
Turbo FTP Server 1.20.745 Directory Traversal
Date of Discovery: 17-Jun-2010 Credits: leinakesiatgmail.com Vendor: Turbo FTP Server Affected: Turbo FTP Server 1.20.745. Earlier versions may also be affected. Overview: 1.vendor description of software ------------------------------------------------ TurboFTP Server is a high performance,...
Advneced Management For Services Sites - File Disclosure
Advneced Management For Services Sites File Disclosure Vulnerabilities Vendor:...
MediaInSpot CMS - Local File Inclusion (1)
Title : MediaInSpot CMS LFI Vulnerability Author: Amoo Arash Date : 2010-04-10 InformatioN Title : MediaInSpot CMS LFI Vulnerability Author : Amoo Arash ExploiT Vulnerable File : http://127.0.0.1/view/lang/index.php?page=?page=LFI ExploiT : ../../../../../../../etc/passwd Example :...
Rostermain 1.1 - Authentication Bypass
Rostermain 1.1 - Authentication Bypass + Rostermain + Download : http://scripts.ringsworld.com/games-and-entertainment/rostermain/ + Vuln Code : index.php if $POST'userid' && $POST'password' // if the user has just tried to log in $logquery = "select from users " ."where username='$userid' " ." a...
RealAdmin suffers from a remote blind SQL injection vulnerability
.:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : RealAdmin .:. Download Script: http://www.redcow.ca/products/realadmin/ .:. Bug Type : Blind Sql Injection .:. Dork : "Powered by RealAdmin and Red...
RealAdmin Blind SQL Injection
RealAdmin detail.php Blind Sql Injection Vulnerability .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : RealAdmin .:. Download Script: http://www.redcow.ca/products/realadmin...
myBusinessAdmin - 'content.php' Blind SQL Injection
myBusinessAdmin content.php Blind Sql Injection Vulnerability .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : myBusinessAdmin .:. Download Script:...
Shout! CMS SQL Injection
Shout! content.php Blind Sql Injection Vulnerability .:. Author : Zero Cold [email protected] .:. Team : Sec Attack Team .:. Home : www.sec-attack.com/vb .:. Script : Shout! Script .:. Download Script: http://www.mediashaker.com/index.php .:...
Quiz - Cross-Site Scripting
Title : quiz Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | EDB-ID : 10679 |...
XM Easy Personal FTP Server 5.8.0 Remote DoS Vulnerability
Date of Discovery: 24-Nov-2009 Credits:leinakesiatgmail.com Vendor: Dxmsoft Affected: XM Easy Personal FTP Server 5.8.0 Earlier versions may also be affected Overview: XM Easy Personal FTP Server failed to handle more than 2000 files or folders in the root...
Home FTP Server 'MKD' Command Directory Traversal Vulnerability
Date of Discovery: 17-Nov-2009 Credits:zhangmcatmail.ustc.edu.cn Vendor: Ari Pikivirta http://downstairs.dnsalias.net/homeftpserver.html Affected: Home FTP Server 1.10.1.139 Earlier versions may also be affected Overview: Home FTP Server is an easy use FTP server Application. Directory Traversal...
Home FTP Server 'SITE INDEX' Command Remote Denial of Service Vulnerability
Date of Discovery: 16-Nov-2009 Credits:zhangmcatmail.ustc.edu.cn Vendor: Ari Pikivirta http://downstairs.dnsalias.net/homeftpserver.html Affected: Home FTP Server 1.10.1.139 Earlier versions may also be affected Overview: Home FTP Server FTP Server is an easy use FTP server Application. Denial of...