54 matches found
Social Engine 2.0 Multiple Local File Inclusion Vulnerabilities
No description provided by source. --------------------------------------------------------------- / | |\ / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
уязвимости Simple Photo Album - 1.2 и 2.5
Software: Simple Photo Album - 1.2 и 2.5 Vendor: www.gieson.com Vulnerability: получение удаленным пользователем файла с хешем администратора Simple Photo Album в 1.2 и 2.5, возможность редактирования фотоальбома в обход авторизации, загрузка произвольных файлов - версия 1.2. Risk: высокий Date:...
AFGB GUESTBOOK 2.2 (Htmls) Remote File Include Vulnerabilities
No description provided by source. afgb GUESTBOOK V2.2 Htmls Remote File Include Vulnerability Turkish Hacker's Discovered By : mdX ------------------------------------------------------ Cyber-Warrior TIM Ay ve YIldIzlar Geceye YakISIr... the moon and the stars suit the night Class : REmote File...
textads.txt
vendor : www.idevspot.com version : all version By : s3rv3rhack3r www : hackerz.ir & h4ckerz.com http://localhost/textads/clients/delete.php?id=xss http://victim/textads/clients/error.php?errorxss and more...
Bee-hive 1.2 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/18654/info Bee-hive is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have an arbitrary remote file containing malicious script...
MaxTrade 1.0.1 - Multiple SQL Injections
MaxTrade 1.0.1 - Multiple SQL Injections source: https://www.securityfocus.com/bid/17765/info MaxTrade is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful...
Ublog Reload 1.0.5 - index.asp Multiple SQL Injections
Ublog Reload 1.0.5 - index.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13991/info Ublog Reload is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...
PHP code injection in CuteNews
PHP source code injection in CuteNews Informations : =============================================== Script : CuteNews v0.88 Offical site : http://air.langame.net/ =============================================== PHP Scripts : =============================================== shownews.php :...
WAnewsletter (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.phpcodeur.net Versions : 2.0beta - 2.1.0 Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° newsletter.php 2.1beta - 2.1.0 : ---------------------------------------------------- if !empty$HTTPPOSTVARS'action' $action =...
new advisory
---=== UkR Security Team advisory ===--- Name : MRTG CGI script "show files" Vulnerability About : The Multi Router Traffic Grapher MRTG is a tool to monitor the traffic load on network-links. MRTG generates HTML pages containing GIF images which provide a LIVE visual representation of this traff...
PALS Library System "show files" Vulnerability and remote command execution
Name: PALS Library System "show files" Vulnerability and remote command executiom. Date: 02.02.2001 About: This script is derived from an idea originated at St.Olaf College to provide a www interface to the PALS Library System. This idea was then worked on at Georgia State University. This versio...
Pragma Systems InterAccess TelnetD Server 4.0 - Terminal Configuration
Pragma Systems InterAccess TelnetD Server 4.0 - Terminal Configuration source: https://www.securityfocus.com/bid/1001/info The Pragma Systems InterAccess TelnetID Server 4.0 can be crashed by sending invalid, unexpected characters in the client's terminal configuration settings. This causes...
Ipswitch IMail 5.0.86.06.1 - IMonitor status.cgi Denial of Service
Ipswitch IMail 5.0.86.06.1 - IMonitor status.cgi Denial of Service source: https://www.securityfocus.com/bid/914/info IMail includes a service called IMail Monitor which is used for local and remote performance measuring and diagnostics. It includes a small webserver operating on port 8181 to...
Dick Lin ZetaMail 2.1 - Login Denial of Service
Dick Lin ZetaMail 2.1 - Login Denial of Service source: https://www.securityfocus.com/bid/813/info The ZetaMail mail server will crash if a username/password pair longer than 3500 characters is supplied by the client. 19636-1.exe - binary for windows 19636-2.zip - source for windows 19636-3.tgz -...