phpBugTracker <= 1.0.4 SQLi Vulnerability
phpBugTracker is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
ArcaVir 2009 < 9.4.320X.9 - 'ps_drv.sys' Local Privilege Escalation
ArcaBit Sp. z o.o. - http://www.arcabit.com/ Affected Software: ArcaVir 2009...
PHP 5.3.2 - 'xml_utf8_decode()' UTF-8 Input Validation
source: https://www.securityfocus.com/bid/44605/info PHP is prone to a vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow attackers to provide unexpected input and possibly bypass input-validation protection mechanisms. This can aid in...
PuterJam's Blog PJBlog3 3.0.6 - 'action.asp' SQL Injection
source: https://www.securityfocus.com/bid/34701/info PJBlog3 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...
Address Book 2.5 Shell Upload
Address Book 2.5 profile Remote Shell Upload Vulnerability bug found by Jose Luis Gongora Fernandez a.k.a JosS contact: sys-projectathotmail.com website: http://www.hack0wn.com/ - download: http://www.studiolounge.net/2007/08/17/address-book-25 - vuln file: upload-file.php The upload-file.php...
FreznoShop 'product_details.php' SQLi Vulnerability
FreznoShop is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
ASP Product Catalog 1.0 - Cross-Site Scripting File Disclosure
#!/usr/bin/perl By AlpHaNiX NullArea.Net alphaathacker.bz Made in Tunisia script : ASP Product Catalog Multiple Remote Exploits download : http://sourceforge.net/project/showfiles.php?groupid=136315 script homepage :...
w3bcms Gaestebuch 3.0.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications. #!/usr/bin/perl use LWP::UserAgent; use HTTP::Request::Common qw(POST); use...
How to break Web software
In this Google Tech Talk, Mike Andrews, a security consultant from Foundstone, discusses common techniques for exploiting weak spots in Web applications. Running time: 1:26...
Free PHP Petition Signing Script SQLi Vulnerability (Mar 2009) - Active Check
Free PHP Petition Signing Script is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are...
WEBJump! Multiple SQL Injection Vulnerabilities
WEBJump! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...
Bugs Online <= 2.14 SQLi Vulnerability - Active Check
Bugs Online is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
ProQuiz 'Username' and 'Password' Parameters SQL Injection Vulnerability
ProQuiz is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective rig...
TinX CMS 'rss.php' SQL Injection Vulnerability
TinX CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...
nForum Multiple SQLi Vulnerabilities (Mar 2009) - Active Check
nForum is prone to multiple SQL injection (SQLi) vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
TinX CMS < 3.5.1 SQLi Vulnerability - Active Check
TinX CMS is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respecti...
mks_vir 9b < 1.2.0.0b297 (mksmonen.sys) Privilege Escalation Exploit
Exploit for unknown platform in category local exploits. mks_vir 9b < 1.2.0.0b297 (mksmonen.sys) Privilege Escalation Exploit...
A4Desk Event Calendar SQLi Vulnerability (Mar 2009) - Active Check
A4Desk Event Calendar is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by...
CentOS Update for firefox CESA-2008:0549 centos3 i386
Check for the version of firefox. OpenVAS Vulnerability Test: CentOS Update for firefox CESA-2008:0549 centos3 i386. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it...
Trojan exploiting Excel zero-day flaw
Reports have been circulating in the last couple of days about an unpatched vulnerability in Microsoft Excel, and the software giant has now confirmed the problem. The flaw allows attackers to run code on remote machines if they can entice a user into opening a malicious Excel file. Some security...