EUVD-2009-1450

Malware in sbrugna...

Vanilla: Stored XSS in vanilla

Summary: There is a stored XSS in the latest version 2.6.4 of vanilla. Attack with post privileges can trigger this. Description: This is a feature that user can post content in markdown format. And the content and format type is inserted into database without check the format param. So attack ca...

sma-db 0.3.12 (rfi/xss) Multiple Vulnerabilities

No description provided by source. -----------------:Remote File Include/cross site script:----------------- script:SMA-DB v0.3.12 ------------------------------------------------------------------ download from:http://bluevirus.ch/media/downloads/SMA-DBv0.3.12.zip...

limesurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion Vulnerability

No description provided by source. Owner : Pr0T3cT10n Email : [email protected] Homepage : www.kamikaz-team.com Script site : www.limesurvey.org Script name : LimeSurvey PHPSurveyor Version : 1.49RC2 Type : RFIRemote File Include Source :...

CVE-2009-1450

CVE-2009-1450 affects SMA-DB 0.3.12, where a vulnerability in format.php allows remote attackers to execute arbitrary PHP code via a URL supplied in the _page_content parameter. The issue constitutes a PHP remote file inclusion vulnerability with network exposure and requires no authentication, a...

sma-db 0.3.12 - Remote File Inclusion / Cross-Site Scripting

-----------------:Remote File Include/cross site script:----------------- script:SMA-DB v0.3.12 ------------------------------------------------------------------ download from:http://bluevirus.ch/media/downloads/SMA-DBv0.3.12.zip ------------------------------------------------------------------...

SMA-DB 0.3.12 RFI / XSS

-----------------:Remote File Include/cross site script:----------------- script:SMA-DB v0.3.12 ------------------------------------------------------------------ download from:http://bluevirus.ch/media/downloads/SMA-DBv0.3.12.zip ------------------------------------------------------------------...

sma-db 0.3.12 - Remote File Inclusion Cross-Site Scripting

sma-db 0.3.12 - Remote File Inclusion Cross-Site Scripting -----------------:Remote File Include/cross site script:----------------- script:SMA-DB v0.3.12 ------------------------------------------------------------------ download from:http://bluevirus.ch/media/downloads/SMA-DBv0.3.12.zip...

Authentication flaw

Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when format.php has certain modifications, allows remote attackers to bypass authentication and gain privileges via unspecified vectors related to the showfoot function...

LimeSurvey (PHPSurveyor) 1.49RC2 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ==================================================================== LimeSurvey PHPSurveyor 1.49RC2 Remote File Inclusion Vulnerability ==================================================================== Owner : Pr0T3cT10n Script name :...