21 matches found
EUVD-2007-3224
Malware in sbrugna...
EUVD-2007-3225
Malware in sbrugna...
fuzzylime-xss.txt
Application: fuzzylime Forum Web Site: http://forum.fuzzylime.co.uk/st/front/index/ Versions: 1.01b and below Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: Yes Advisory File: http://www.secvsn.com/content/Advisories/sr-180607-fuzzy.html...
CVE-2007-3267
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235...
Cross site scripting
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235...
EUVD-2007-3257
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235...
CVE-2007-3267
CVE-2007-3267 is a documented XSS in Fuzzylime Forum 1.01b and earlier, exploitable via the fromaction parameter in a log action (distinct vector from CVE-2007-3235). Affected component: low.php; vulnerability arises from improper handling of user-supplied data, permitting remote injection of arb...
CVE-2007-3267
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235...
[email protected]
Application: fuzzylime Forum Web Site: http://forum.fuzzylime.co.uk/st/front/index/ Versions: 1.01b and below Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: Yes Advisory File: http://www.secvsn.com/content/Advisories/sr-180607-fuzzy.html...
fuzzylime (forum) XSS
Application: fuzzylime Forum Web Site: http://forum.fuzzylime.co.uk/st/front/index/ Versions: 1.01b and below Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: Yes Advisory File: http://www.secvsn.com/content/Advisories/sr-180607-fuzzy.html...
CVE-2007-3234
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
CVE-2007-3235
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection...
Cross site scripting
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection...
Sql injection
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
CVE-2007-3235
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection...
CVE-2007-3234
SQL injection vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to execute arbitrary SQL commands via the topic parameter...
CVE-2007-3234
CVE-2007-3234 describes a SQL injection vulnerability in the low.php script of Fuzzylime Forum 1.0 . The issue allows remote attackers to submit a crafted value for the topic parameter and execute arbitrary SQL commands. The CVSS metrics in the reference indicate a high base score (7.5) with netw...
CVE-2007-3235
CVE-2007-3235 is an XSS in Fuzzylime Forum 1.0, via the topic parameter in low.php. The vulnerability allows remote injection of arbitrary HTML/script. Root cause noted as possible linkage to SQL injection; no explicit exploit details or patch information are provided in the connected documents.
Fuzzylime Forum 1.0 (low.php topic) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Fuzzylime Forum 1.0 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code low.php: $gettopicid = mysqlquery"SELECT FROM $tableprefixthreads WHERE...
Fuzzylime Forum 1.0 - 'low.php?topic' SQL Injection
!/usr/bin/perl -w Fuzzylime Forum 1.0 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code low.php: $gettopicid = mysqlquery"SELECT FROM $tableprefixthreads WHERE threadid='$GETtopic'"; PoC:...