CVE-2008-6100

Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 CatID parameter to a RSS1.php and b RSS2.php in misc/; and the 2 SubID parameter to c misc/RSS5.php...

CVE-2008-6100

Multiple SQL injection vulnerabilities in Discussion Forums 2k 3.3, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 CatID parameter to a RSS1.php and b RSS2.php in misc/; and the 2 SubID parameter to c misc/RSS5.php...

CVE-2008-6100

CVE-2008-6100 documents multiple SQL injection vulnerabilities in the older system Discussion Forums 2k 3.3 when magic_quotes_gpc is disabled. The faults allow remote attackers to craft input via (1) CatID parameters to RSS1.php and RSS2.php (in misc/) and (2) SubID to RSS5.php (in misc/) to exec...

Seo4SMF for SMF forums - Multiple Vulnerabilities

Seo4SMF for SMF forums - Multiple Vulnerabilities 1 Inyection SQL Linea 50 al 63 $query = dbquery" SELECT m.IDTOPIC, m.subject ,b.IDBOARD, b.name FROM $dbprefixmessages AS m, $dbprefixboards AS b WHERE m.IDTOPIC = $topic AND m.IDBOARD = b.IDBOARD IMIT 1", FILE, LINE;...

Seo4SMF for SMF forums - Multiple Vulnerabilities

1 Inyection SQL Linea 50 al 63 $query = dbquery" SELECT m.IDTOPIC, m.subject ,b.IDBOARD, b.name FROM $dbprefixmessages AS m, $dbprefixboards AS b WHERE m.IDTOPIC = $topic AND m.IDBOARD = b.IDBOARD IMIT 1", FILE, LINE; ------------------------------------------------------------------------ Linea...

toast-disclose.txt

--------------------------------------------------------- Portal Name: Toast Forums Vendor : http://toastforums.com/ Author : PouyaServer , [email protected] Vulnerability : DD --------------------------------------------------------- http://site.com/path/data/data.mdb...

Sql injection

SQL injection vulnerability in content/forums/reply.asp in ASPPortal allows remote attackers to execute arbitrary SQL commands via the TopicId parameter...

CVE-2008-5268

The vulnerability CVE-2008-5268 is an SQL injection in ASPPortal’s content/forums/reply.asp, exploitable via the Topic_Id parameter. It allows remote attackers to execute arbitrary SQL commands. Public exploits exist (e.g., Exploit-DB entry 5775). The NVD entry cites a base score of 7.5 (HIGH) wi...

quicksilverforums-rce.txt

Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php'; As you can see, Quicksilver filter can be...

Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)

Exploit for unknown platform in category web applications ====================================================== Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php...

Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution

Quicksilver Forums 1.4.2 Windows - Remote Code Execution Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/'...

Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution

Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php'; As you can see, Quicksilver filter can be...

Discuz!4.x wap\index.php 变量覆盖漏洞

Discuz!4.x一直存在着一个变量覆盖漏洞n年了.代码如下: $chs = ''; if$POST && $charset != 'utf-8' $chs = new Chinese'UTF-8', $charset; foreach$POST as $key = $value $$key = $chs-Convert$value; //foreach处理$POST导致变量覆盖 unset$chs;...

Allaire Forums GetFile.cfm远程读取任意文件漏洞

BugCVE: CVE-1999-0800 BUGTRAQ: 229 Allaire Forums 是Allaire出品的一个论坛，运行在Coldfusion环境下。Allaire Forums 2.0.4版及其以前版本的一个文件存在安全问题。可以被远程入侵者用来获取服务器上的任意文件。 文件“GetFile.cfm”通常在Web应用程序的根目录下，由于这一行代码的问题： CFCONTENT TYPE= FT/FST FILE= FilePath 可以在指定绝对路径的情况下获取服务器上的任意文件，只要发出如下请求：...

CVE-2008-4720

Multiple PHP remote file inclusion vulnerabilities in The Gemini Portal 4.7 allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to 1 page/forums/bottom.php and 2 page/forums/category.php...

CVE-2008-4614

PortalApp 4.0 does not require authentication for 1 forums.asp and 2 content.asp, which allows remote attackers to create and delete forums, topics, and replies...

CVE-2008-4614

PortalApp 4.0 does not require authentication for 1 forums.asp and 2 content.asp, which allows remote attackers to create and delete forums, topics, and replies...

Cross site scripting

Cross-site scripting XSS vulnerability in PortalApp 4.0 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter to 1 forums.asp and 2 content.asp...

CVE-2008-4613

SQL injection vulnerability in forums.asp in PortalApp 4.0 allows remote attackers to execute arbitrary SQL commands via the sortby parameter...

Unfixed XSS vulnerability at www.mtldnb.com

Security researcher PaPPy, has submitted on 10/06/2008 a cross-site-scripting XSS vulnerability affecting www.mtldnb.com, which at the time of submission ranked 6218002 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currently...