Sql injection

SQL injection vulnerability in search.php in MyBulletinBoard MyBB 1.04 allows remote attackers to execute arbitrary SQL commands via the forums parameter...

phpBannerExchange 2.0 Directory Traversal Vulnerability

------------------------------------------------------ HYSA-2006-004 h4cky0u.org Advisory 013 ------------------------------------------------------ Date - Tue Mar 07 2006 TITLE: ====== phpBannerExchange 2.0 Directory Traversal Vulnerability SEVERITY: ========= High SOFTWARE: =========...

aztek40.txt

/==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the following line: '"alertdocument.cookie -...

AZTEK forums 4.0 multiple vulnerabilities (PoC)

/==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the following line:...

ArchAngelFlaw.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 KingOfSka - http://www.cpc.info.ms Contro Potere Crew Advisories 5 26/02/2006 http://www.archangelmgt.com/ Archangel Weblog 0.90.02 Admin Authentication Bypass & Remote File Inclusion 1:. Background : Archangel Weblog is a new, full featured weblog...

Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)

Exploit for unknown platform in category web applications ========================================================= Aztek Forum 4.00 XSS/SQL Multiple Vulnerabilities PoC ========================================================= /==========================================/ // AZTEK forums 4.0...

Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)

No description provided by source. /==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the...

Aztek Forum 4.00 - Cross-Site Scripting SQL Injection

Aztek Forum 4.00 - Cross-Site Scripting SQL Injection /==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message...

Aztek Forum 4.00 - Cross-Site Scripting / SQL Injection

/==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the following line:...

Sql injection

Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 $u2uselect array parameter to u2u.inc.php and 2 $val variable fidpw0 cookie value in today.php...

CVE-2006-0779

Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...

CVE-2006-0778

Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 $u2uselect array parameter to u2u.inc.php and 2 $val variable fidpw0 cookie value in today.php...

Cross site scripting

Cross-site scripting XSS vulnerability in u2u.php in XMB Forums 1.9.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter, as demonstrated using a URL-encoded iframe tag...

CVE-2006-0778

CVE-2006-0778 concerns multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier. The issues allow remote attackers to execute arbitrary SQL commands via (1) the $u2u_select array parameter to u2u.inc.php and (2) the $val variable (fidpw0 cookie value) in today.php. Affected product:...

CVE-2006-0779

CVE-2006-0779 concerns a cross-site scripting (XSS) vulnerability in XMB Forums (u2u.php) affecting 1.9.3 and earlier. The flaw allows remote attackers to inject arbitrary script/HTML via the username parameter, demonstrated with a URL-encoded iframe tag. Affected component: u2u.php; vulnerabilit...

CVE-2006-0778

Multiple SQL injection vulnerabilities in XMB Forums 1.9.3 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 $u2uselect array parameter to u2u.inc.php and 2 $val variable fidpw0 cookie value in today.php...

XMB Forums Multiple Vulnerabilities

GulfTech Security Research February 12, 2006 Vendor : XMB Software URL : http://www.xmbforum.com/ Version : XMB Forums = 1.9.3 Risk : Multiple Vulnerabilities Description: XMB Forums is a popular forum software written in php and mysql that allows you to open up your own online community or...

Invision Power Board Army System Mod 2.1 SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================== Invision Power Board Army System Mod 2.1 SQL Injection Exploit ============================================================== ?php / --------------------------- EXPLOIT...

[SA18821] XMB Forums today.php Cookie Data SQL Injection

TITLE: XMB Forums today.php Cookie Data SQL Injection SECUNIA ADVISORY ID: SA18821 VERIFY ADVISORY: http://secunia.com/advisories/18821/ CRITICAL: Moderately critical IMPACT: Manipulation of data WHERE: From remote SOFTWARE: XMB 1.x http://secunia.com/product/1491/ DESCRIPTION: James Bercegay has...

Sql injection

SQL injection vulnerability in login.asp in ASPThai.Net ASPThai Forums 8.0 and earlier allows remote attackers to execute arbitrary SQL commands and bypass login authentication via the password field...