RadScripts RadBids Gold 2.0 - faq.php farea Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13080/info RadBids Gold is reported prone to multiple vulnerabilities. These issues include arbitrary file disclosure, cross-site scripting, and SQL injection. The following specific vulnerabilities were identified: A...

NPDS 4.8 /5.0 faq.php categories Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/13803/info NPDS is affected by multiple vulnerabilities resulting from input validation errors. These issues may allow remote attackers to carry out HTML injection, cross-site scripting and SQL injection attacks. This may...

free QBoard 1.1 faq.php qb_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary...

vBulletin(R) 3.8.6 faq.php Information Disclosure Vulnerability

No description provided by source. 010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 0 0 010101010101010101010101010101010101010101010101010101010 Original Advisory:...

Cyber CMS 'faq.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/39698/info Cyber CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

vBulletin 3.x <= 4.2.0 FAQ (Echo config) trick

By using this codes, you can echo config.php information, such as host, username and password. Go to acp, Faq Manager and then edit a FAQ, add the following code: $vbulletin-config'MasterServer''servername' $vbulletin-config'MasterServer''username' $vbulletin-config'MasterServer''password'...

US Creations Web Services CMS Cross Site Scripting

Exploit Title: US Creations Web Services CMS Cross Site Scripting Google Dork: "Powered By: US Creations Web Services" Date: 9/7/2012 Author: Ajax Security Team Discovered By: Crim3R Home: WwW.AjaxTm.CoM Vendor Software: http://www.us-creations.com/ Version: All Version Category:: webapps Tested...

Websolutions SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

FAQMasterFlex 1.2 SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================= FAQMasterFlex 1.2 SQL Injection Vulnerability ============================================= Author: cyb3r.anbu Software Link: http://www.lethalpenguin.net/design/faqmasterflex.php Version: 1.2 Test...

FAQMasterFlex 1.2 - SQL Injection

FAQMasterFlex 1.2 - SQL Injection Hi guys, I just found a sqli bug on FAQMasterFlex. Since the software used as one of Fantastico auto-install software package in F.A.Q software section. Author: cyb3r.anbu Software Link: http://www.lethalpenguin.net/design/faqmasterflex.php Version: 1.2 Tested on...

Cross-site Request Forgery (CSRF) Vulnerabilities in Amiro.CMS

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Amiro.CMS which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Amiro.CMS 1.1 The vulnerability exists due to insufficient validation of the request origin i...

MyPHP Forum SQL injection vulnerability-vulnerability warning-the black bar safety net

Affected system: MyPHP. ws MyPHP Forum v3. 0 Final Description: BUGTRAQ ID: 2 7 1 1 8 MyPHP Forum is an easy to erect and easy to use based on MySQL with PHP Forum. MyPHP Forum process user requests data when there is an input validation vulnerability, a remote attacker could exploit this...

vBulletin 3.8.6 faq.php Information Disclosure

010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 0 0 010101010101010101010101010101010101010101010101010101010 Original Advisory: http://forum.intern0t.net/exploits-vulnerabilities-pocs/2857-vbulletin-3-8-6-critical-information-disclosure.html...

vBulletin 3.8.6 - faq.php Information Disclosure

vBulletin 3.8.6 - faq.php Information Disclosure 010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 0 0 010101010101010101010101010101010101010101010101010101010 Original Advisory:...

vBulletin 3.8.6 - &#039;faq.php&#039; Information Disclosure

010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 0 0 010101010101010101010101010101010101010101010101010101010 Original Advisory: http://forum.intern0t.net/exploits-vulnerabilities-pocs/2857-vbulletin-3-8-6-critical-information-disclosure.html...

vBulletin 3.8.6 faq.php Information Disclosure Vulnerability

Exploit for php platform in category web applications =============================================================== vBulletinR 3.8.6 faq.php Information Disclosure Vulnerability ===============================================================...

vBulletin 'faq.php' Information Disclosure Vulnerability

vBulletin is prone to an information-disclosure vulnerability. Successful exploits can allow attackers to obtain potentially sensitive information which may aid in other attacks. vBulletin 3.8.6 is affected; prior versions may also be vulnerable. OpenVAS Vulnerability Test $Id:...

vBulletin 3.8.6 Credential Disclosure

Versions Affected: 3.8.6 Only! Info: Content publishing, search, security, and more—vBulletin has it all. Whether it’s available features, support, or ease-of-use, vBulletin offers the most for your money. Learn more about what makes vBulletin the choice for people who are serious about creating...

Infoware SQL Injection

=============================================== infoware SQL Injection Vulnerability =============================================== .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || infoware SQL Injection Vulnerability...

infoware - SQL Injection

infoware - SQL Injection =============================================== infoware SQL Injection Vulnerability =============================================== .----..--.--.| |--..-----..----.| |.-----..-----. | || | || || -|| || || || | ||| ||||||| ||||| | || || infoware SQL Injection Vulnerabilit...