759 matches found
SiteBar 3.3.8 - '/translator.php?upd/cmd/Action/edit' Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple arbitrary-script-code-execution vulnerabilities -...
Asterisk asterisk-addons 1.2.71.4.3 - CDR_ADDON_MYSQL Module SQL Injection
source: https://www.securityfocus.com/bid/26095/info Asterisk 'asterisk-addons' package is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query...
Linkliste 1.2 - 'index.php' Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/26045/info Linkliste is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attack...
Uebimiau Webmail 2.7.x - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/25912/info UebiMiau is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-si...
KAV/KIS 6/7 vulnerabilities - vulnerability warning - the black bar safety net
The well-known foreign rootkit research site rootkit.com published an article, "Exploiting Kaspersky Antivirus 6.0-7.0". The author, EPXOFF/UG North, is known as the developer of the anti-rootkit tools Rootkit Unhooker and Process Walker. The article said that Kaspersky Anti-Virus software from 6.0 to the curre...
LevelOne WBR3404TX Broadband Router - 'RC' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25738/info The LevelOne WBR3404TX Broadband Router is prone to multiple cross-site scripting vulnerabilities because the software fails to sufficiently sanitize user-supplied input. These issues occur in the web management panel. Exploiting these...
ckgold-sql.txt
!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV4 print "\n |-------------------------------------------------|"; print "\n | newhackdotorg |"; print "\n |-------------------------------------------------|"; print "\n | CKGold Shopping Cart v2.0 Blind SQL Injection |"; print "\n |...
Openads (PHPAdsNew) < 2.0.8 - 'lib-remotehost.inc.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/25277/info Openads formerly known as phpAdsNew is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying syste...
WebDirector - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25166/info WebDirector is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the...
Vikingboard 0.1.2 - post.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/25056/info Vikingboard is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal...
Vikingboard 0.1.2 - 'cp.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25056/info Vikingboard is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting this issue could allow an attacker to steal cookie-based authentication credentials and to launch oth...
Moodle 1.7.1 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24748/info Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context ...
Fuzzylime 1.0 - 'Low.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24522/info Fuzzylime is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the conte...
Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24480/info Apache Tomahawk MyFaces JSF Framework is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to launch cross-site scripting attacks on...
DGNews 2.1 - 'footer.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/24200/info DGNews is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be...
Digirez 3.4 - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/24157/info Digirez is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials and to launch other...
TFTP Server TFTPDWin 0.4.2 - Directory Traversal
source: https://www.securityfocus.com/bid/23937/info TFTP Server TFTPDWIN is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to gain read/write access to privileged directories and files. TFT...
FipsCMS 2.1 - 'pid' SQL Injection
source: https://www.securityfocus.com/bid/23850/info fipsCMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data,...
Doruk100Net - Info.php Remote File Inclusion
source: https://www.securityfocus.com/bid/23675/info Doruk100Net is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and...
DynaTracker 1.5.1 - includes_handler.php?base_path Remote File Inclusion
source: https://www.securityfocus.com/bid/23667/info DynaTracker is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an...