EUVD-2007-1544

Malware in sbrugna...

PT-2025-21350 · Fluxbb · Fluxbb

Name of the Vulnerable Software and Affected Versions: FluxBB version 1.5.11 Description: The issue is related to Cross Site Scripting XSS via the Forum Description Field in admin forums.php. This allows for potential malicious script execution. No information is provided about the estimated numb...

DeluxeBB 1.0 forums.php fid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...

BMForum 3.0 forums.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/14396/info BMForum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to...

PHPX 3.x admin/forums.php CSRF Arbitrary Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/10284/info It has been reported that PHPX is affected by multiple administrator command execution vulnerabilities. These issues are due to a failure of the application to properly validate access to administrative command...

onArcade v2.2 Blind SQL Vulnerability

Exploit for php platform in category web applications / @exploit onArcade v2.2 Blind SQL Vulnerability @version 2.2 tested & Also All versions infacted @author Cold Zero www.hackteach.org @copyright 27/10/2012 @script http://up.support-ar.com/upload/files/onArcade%20v2.2.zip @vendor...

Cotonti 0.9.2 forums.php Blind SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

CVE-2009-4547

Multiple cross-site scripting XSS vulnerabilities in ViArt CMS 3.x allow remote attackers to inject arbitrary web script or HTML via the 1 categoryid parameter to forums.php, or the forumid parameter to 2 forum.php or 3 forumtopicnew.php...

CVE-2008-4526

Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php, 2 forums.php, 3 admin.php, 4 header.php, 5 pages/story.php and 6 pages/poll.php...

Directory traversal

Multiple directory traversal vulnerabilities in CCMS 3.1 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php, 2 forums.php, 3 admin.php, 4 header.php, 5 pages/story.php and 6 pages/poll.php...

CCMS 3.1 - skin Local File Inclusion

CCMS 3.1 - skin Local File Inclusion + CCMS 3.1 skin Multiple Local File Inclusion Vulnerabilities + Discovered By SirGod + wWw.MorTal-TeaM.OrG + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Download Script :...

Sql injection

SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter...

CVE-2008-2194

SQL injection vulnerability in forums.php in DeluxeBB 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the sort parameter...

CVE-2008-2194

CVE-2008-2194 describes an SQL injection vulnerability in forums.php of DeluxeBB 1.2 and earlier. The issue is exploitable via the sort parameter and allows remote attackers to execute arbitrary SQL commands. The vulnerable component is the forums.php handling within DeluxeBB, and the root cause ...

CVE-2007-3812

CVE-2007-3812 affects CMScout 1.23 and earlier. The vulnerability is a SQL injection in forums.php (via the f parameter in a forums action to index.php) that could allow remote attackers to execute arbitrary SQL commands. The CVE is documented in NVD/NVD-derived sources with a base score of 7.5 (...

Sql injection

Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...

CVE-2007-1550

Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...

PHPX 3.5.153.5.16 - forums.php SQL Injection

PHPX 3.5.153.5.16 - forums.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-base...

Sql injection

Multiple SQL injection vulnerabilities in Invision Power Board IPB 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to 1 arrays of id/stamp pairs and 2 the keys in arrays of key/value pairs in ipsclass.php; 3 the topics variable in...

CVE-2006-1288

Multiple SQL injection vulnerabilities in Invision Power Board IPB 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to 1 arrays of id/stamp pairs and 2 the keys in arrays of key/value pairs in ipsclass.php; 3 the topics variable in...