Lucene search
+L

147 matches found

0day.today
0day.today
added 2008/07/30 12:0 a.m.42 views

Pligg <= 9.9.0 (XSS/LFI/SQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Pligg alertdocument.cookie...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/30 12:0 a.m.310 views

Pligg CMS 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection

GulfTech Security Research July 30, 2008 Vendor : Pligg LLC URL : http://www.pligg.com/ Version : Pligg alertdocument.cookie; The above example link would display the end users cookie to them. Of course this can also be used to steal the cookie data as mentioned earlier in this advisory. Arbitrar...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/07/29 12:0 a.m.29 views

viart-sql.txt

GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in ViArt that allows for an attacker to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/07/29 12:0 a.m.21 views

Gregarius 0.5.4 - SQL Injection

Gregarius 0.5.4 - SQL Injection GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems -...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2008/07/29 12:0 a.m.22 views

ViArt Shop &lt;= 3.5 (category_id) Remote SQL Injection Vulnerability

No description provided by source. GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/07/29 12:0 a.m.26 views

gregarius-sql.txt

GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems - setRenderOptionsILTITLENOESCAPE;...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/07/29 12:0 a.m.22 views

Gregarius <= 0.5.4 rsargs[] Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTR...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/29 12:0 a.m.35 views

Gregarius 0.5.4 - SQL Injection

GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems - setRenderOptionsILTITLENOESCAPE;...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/07/28 12:0 a.m.19 views

ViArt Shop 3.5 - category_id SQL Injection

ViArt Shop 3.5 - categoryid SQL Injection GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injectio...

1.3AI score
Exploits0
Packet Storm
Packet Storm
added 2008/07/28 12:0 a.m.19 views

talldude-bypass.txt

GulfTech Security Research July 28, 2008 Vendor : Talldude Networks, LLC URL : http://www.jamroom.net/ Version : Jamroom = 3.3.8 Risk : Authentication Bypass Description: Jamroom is a popular online social media cms used to host artist sites and create music communities. It is vulnerable to a fla...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/28 12:0 a.m.36 views

ViArt Shop 3.5 - &#039;category_id&#039; SQL Injection

GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in ViArt that allows for an attacker to...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/07/28 12:0 a.m.26 views

ViArt Shop <= 3.5 (category_id) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== ViArt Shop = 3.5 categoryid Remote SQL Injection Vulnerability ================================================================== GulfTech Security Research July 28, 2008...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/07/07 12:0 a.m.17 views

Emulive Server4 7560 Remote Denial of Service Exploit

No description provided by source. !/usr/bin/perl EmuLive Server4 Commerce Edition Build 7560 Remote crash proof of conecpt code. When the machine running Server4 recieves a malformed request on TCP port 66 it crashes very hard! GulfTech Security http://www.gulftech.org use IO::Socket; unless...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/10/05 12:0 a.m.52 views

[SA22242] HAMweather &quot;do_parse_code&quot; Command Injection Vulnerability

TITLE: HAMweather "doparsecode" Command Injection Vulnerability SECUNIA ADVISORY ID: SA22242 VERIFY ADVISORY: http://secunia.com/advisories/22242/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: HAMweather 3.x http://secunia.com/product/12178/ DESCRIPTION: Some...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2006/09/23 12:0 a.m.52 views

[SA22040] CakePHP &quot;file&quot; Parameter Disclosure of Sensitive Information

TITLE: CakePHP "file" Parameter Disclosure of Sensitive Information SECUNIA ADVISORY ID: SA22040 VERIFY ADVISORY: http://secunia.com/advisories/22040/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CakePHP 1.x http://secunia.com/product/11247/...

1.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/09/07 12:0 a.m.31 views

oscommerce22-php.txt

php poc exploit for osCommerce = 2.2 Milestone 2 060817 vuln found by gulftech it does not work with magicquotesgpc on so make it off to test this script. you're lucky if you can find server with this settings set to off. this is for education use only. topic: sql injection. kiddies use it at you...

7.4AI score
Exploits0
OSV
OSV
added 2006/08/20 12:0 a.m.18 views

DSA-1154 squirrelmail - variable overwriting

Bulletin has no description...

6.4CVSS6.3AI score0.09798EPSS
Exploits4
securityvulns
securityvulns
added 2006/08/17 12:0 a.m.33 views

[SA21484] Zen Cart SQL Injection and File Inclusion Vulnerabilities

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2006/02/24 12:0 a.m.39 views

[SA16902] PHPLIB Unspecified Code Execution Vulnerability

TITLE: PHPLIB Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA16902 VERIFY ADVISORY: http://secunia.com/advisories/16902/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: PHPLIB 7.x http://secunia.com/product/8300/ DESCRIPTION: A vulnerability has been...

1.7AI score
Exploits0
Packet Storm
Packet Storm
added 2006/02/14 12:0 a.m.24 views

DBeSession102.txt

GulfTech Security Research February 11, 2006 Vendor : Lawrence Osiris URL : http://www.phpclasses.org/browse/package/1624.html Version : DBeSession 1.0.2 Risk : SQL Injection Description: DBeSession is a feature-packed PHP class that stores the session data in a MySQL database rather than files. ...

7.4AI score
Exploits0
Rows per page
Query Builder