1491 matches found
Apple Safari 2.0.4 Cross-Domain Browser Location Information Disclosure Vulnerability
source: http://www.securityfocus.com/bid/24121/info Apple Safari is prone to an information-disclosure vulnerability because it fails to properly enforce cross-domain JavaScript restrictions. Exploiting this issue may allow attackers to access locations that a user visits, even if it's in a...
Chipmunk Board 1.3 (index.php?forumID) SQL Injection
No description provided by source. Exploit Title: Chipmunk Board index.php?forumID Remote SQL Injection Vulnerability Date: October, 01 st 2010 Author: Shamus Software Link: http://www.chipmunk-scripts.com/board/board.zip Version: Chipmunk Forums Version 1.3 Tested on: windows CVE : -...
InstantASP 4.1 Members1.aspx Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22052/info InstantForum.NET is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based...
PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions
No description provided by source. Milli-Harekat Advisory www.milli-harekat.org PHP-Nuke = All version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : PHP NUKE ALL VERSION Credits : ERNE Thanks : DjReMix,Eskobar,TRIP,ßy KorsaN,OsL3m7,Poizonbox,Dilejyoner and All MHG USERS...
Snitz Forums 2000 3.0/3.1/3.3 Image Tag Cross-Agent Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4192/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz Forums 2000 allows users to include images in forum messages using image tags, with the following syntax:...
Toast Forums 1.8 - Database Disclosure Vulnerability
No description provided by source...
PHP-Fusion 4.0 Viewthread.PHP Information Disclosure Vulnerbility
No description provided by source. source: http://www.securityfocus.com/bid/12482/info PHP-Fusion is reportedly affected by an information disclosure vulnerability. This issue is due to the application failing to properly sanitize user-supplied input. It is reported that an attacker could leverag...
Pearl Forums 2.4 - Multiple Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '64261' ssvid version = '1.0' author = 'kikay' vulDate = '2006-11-21' createDate ...
ASPThai Forums 8.0 Login.ASP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16404/info ASPThai Forums is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation cou...
BSM Store Dependent Forums 1.02 UserName Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25072/info BSM Store Dependent Forums is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker ...
nabopoll 1.2 - Remote Unprotected Admin Section Vulnerability
No description provided by source. nabopoll 1.1.2 sensitive file admin without password By : sn0oPy Risk : high site : http://nabocorp.com/ Dork : inurl:nabopoll/ exploit : acces without password to : http://target/nabopoll/admin/configedit.php http://target/nabopoll/admin/templateedit.php...
dotproject <= 2.1.6 - Remote File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ posdubatgmail.com 2012-11-13 dotProject = 2.1.6 Remote File Inclusion Vulnerability Script: PHP web-based project...
Web Wiz Forums 8.05 String Filtering SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23051/info Web Wiz Forums is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...
Easy-Content Forums 1.0 - Multiple SQL/XSS Vulnerabilities
No description provided by source...
Vanilla Forums 2.0.18.8 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Vanilla Forums Insecure Permissions Vulnerability Date: 15/5/13 Exploit Author: Henry Hoggard Author Website: http://henryhoggard.co.uk Vendor Homepage: http://vanillaforums.org Software Link: http://vanillaforums.org Version: 2.0.18.8 Tested on:...
Parnian Opendata CMS SQL Injection Vulnerability
No description provided by source. Exploit Title : Parnian Opendata CMS SQL Injection Vulnerability Date : 2011-04-15 Author : Alexander Software Link : http://www.parniansoft.com/ Test On : php CVE : Web Applications Google Dork : inurl:mpfn=pdview Exploit : mpfn=pdview&id=-1+union+select...
Web Wiz Forums 9.68 SQLi Vulnerability
No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...
BrightSuite Groupware SQL Injection Vulnerability
No description provided by source. 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ 0 0 \ \ /\ /\ \ \ \ /\ \ \ /\ /\ \ \ \ \ \ \ / 1 1 \ \ \ \\ \ \ /\ \...
Snitz Forums 2000 3.4 .03 Search.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7922/info Snitz Forums is prone to cross-site scripting attacks. This is due to insufficient sanitization of data passed to the search facility via URI parameters. Exploitation may allow theft of cookie-based authenticati...
Vanilla Forums 2-0-18-4 - SQL-Injection Vulnerability
Exploit Title: Vanilla Forums - SQL-Injection - Insert arbitrary user & dump usertable Date: 04/05/2013 Exploit Author: bl4ckw0rm Vendor Homepage: http://vanillaforums.org/ Version: 2-0-18-4 Tested on: Windows Product Name: Vanilla Forums Vulnerable Version: Up to vanilla-core-2-0-18-4 Tested on:...