103 matches found
CVE-2007-0676
ExoPHPDesk vulnerability CVE-2007-0676 is a SQL injection in faq.php (id parameter) affecting ExoPHPDesk 1.2.1 and earlier. The underlying issue is improper input handling that allows remote attackers to craft SQL commands via id, leading to potential data disclosure or database manipulation. Pub...
ExoPHPDesk <= 1.2.1 (faq.php) Remote SQL Injection Vulnerability
No description provided by source. Title : ExoPHPDesk <= 1.2.1 faq.php Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.exoscripts.com $$ : Free Dork : Powered by ExoPHPDesk v1.2 Final. DorkEx :...
ExoPHPDesk faq.php id Parameter SQL Injection
The remote host is running Exo PHPDesk, a helpdesk application written in PHP. The version of Exo PHPDesk on the remote host fails to properly sanitize input to the 'id' parameter of the 'faq.php' script before using it in database queries. Provided PHP's 'magic_quotes_gpc' setting is disabled, an...
ExoPHPDesk <= 1.2.1 (faq.php) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================ ExoPHPDesk <= 1.2.1 faq.php Remote SQL Injection Vulnerability ================================================================ Title : ExoPHPDesk <= 1.2.1 faq.php Remote SQL...
ExoPHPDesk 1.2.1 - faq.php SQL Injection
ExoPHPDesk 1.2.1 - faq.php SQL Injection Title : ExoPHPDesk <= 1.2.1 faq.php Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.exoscripts.com $$ : Free Dork : Powered by ExoPHPDesk v1.2 Final. DorkEx :...
ExoPHPDesk 1.2.1 - 'faq.php' SQL Injection
Title : ExoPHPDesk <= 1.2.1 faq.php Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.exoscripts.com $$ : Free Dork : Powered by ExoPHPDesk v1.2 Final. DorkEx : http://www.google.com.tr/search?q=Powered+by+ExoPHPDesk+v1.2+Final.+&hl=tr&start=0&sa=N Info : \ Google...
freeqboard-rfi.txt
freeqboard = 1.1 qbpath Remote File Include Vulnerability Author: Mr.3FReeT Softname: freeqboard code in : about.php , contact.php , delete.php , faq.php , index.php include "config.php"; include $qbpath."incs/mysql.php"; Exploit : """""""" www.site.com/path/index.php?qbpath=shellcode.txt?...
PHPKit 1.6.1 RC2 (faq/faq.php) Remote SQL Injection Exploit
+-------------------------------------------------------------------- + + PHPKit 1.6.1 RC2 + + Original advisory: + http://www.bb-pcsecurity.de/ + +-------------------------------------------------------------------- + + Affected Software .: PHPKit 1.6.1 RC2 + Venedor ...........:...
Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities
Exploit for unknown platform in category web applications ===================================================================== Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities ===================================================================== Fully Modded phpBB 2 Remote Fi...
free QBoard 1.1 - faq.php?qb_path Remote File Inclusion
free QBoard 1.1 - faq.php?qb_path Remote File Inclusion source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to...
free QBoard 1.1 - 'faq.php?qb_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary server-side script code on an affected...
CVE-2006-3060
Cross-site scripting (XSS) vulnerability in P.A.I.D 2.2 allows remote attackers to inject arbitrary web script or HTML via the (1) read parameter in index.php, (2) farea parameter in faq.php, and (3) unspecified input fields on the "My Account" login page...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Teake Nutma Foing 0.2.0 through 0.7.0, as used with phpBB, allow remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter in (1) index.php, (2) song.php, (3) faq.php, (4) list.php, (5) gen_m3u.php, and (6) playlist.php...
ODFaq 2.1 - faq.php SQL Injection
ODFaq 2.1 - faq.php SQL Injection source: https://www.securityfocus.com/bid/15958/info ODFaq is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result...
CVE-2005-3843
SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter...
CVE-2005-3843
CVE-2005-3843 describes an SQL injection in Nicecoder iDesk 1.0, specifically in faq.php via the cat_id parameter, allowing remote attackers to execute arbitrary SQL commands. The connected documents confirm the vulnerable component (faq.php, cat_id) and the impact (arbitrary SQL execution); no e...
CVE-2005-3843
SQL injection vulnerability in faq.php in Nicecoder iDesk 1.0 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter...
CVE-2005-1803
CVE-2005-1803 affects Net Portal Dynamic System (NPDS) 5.0. The description lists multiple XSS vectors: via the language parameter to admin.php or powerpack_f.php; the sitename parameter to sdv_infos.php; the categories parameter to faq.php; the lettre parameter to the glossaire module; the title...
CVE-2005-1803
Multiple cross-site scripting (XSS) vulnerabilities in Net Portal Dynamic System (NPDS) 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to (1) admin.php, or (2) powerpack_f.php, (3) the sitename parameter to sdv_infos.php, (4) the categories parameter to faq.php, (5)...
CVE-2005-1075
Multiple cross-site scripting (XSS) vulnerabilities in RadScripts RadBids Gold 2 allow remote attackers to inject arbitrary web script or HTML via (1) the farea parameter to faq.php or the (2) cat, (3) order, or (4) area parameters to index.php...