147 matches found
Pligg <= 9.9.0 (XSS/LFI/SQL) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ Pligg alertdocument.cookie...
Pligg CMS 9.9.0 - Cross-Site Scripting / Local File Inclusion / SQL Injection
GulfTech Security Research July 30, 2008 Vendor : Pligg LLC URL : http://www.pligg.com/ Version : Pligg alertdocument.cookie; The above example link would display the end users cookie to them. Of course this can also be used to steal the cookie data as mentioned earlier in this advisory. Arbitrar...
viart-sql.txt
GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in ViArt that allows for an attacker to...
Gregarius 0.5.4 - SQL Injection
Gregarius 0.5.4 - SQL Injection GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems -...
ViArt Shop <= 3.5 (category_id) Remote SQL Injection Vulnerability
No description provided by source. GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in...
gregarius-sql.txt
GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems - setRenderOptionsILTITLENOESCAPE;...
Gregarius <= 0.5.4 rsargs[] Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ============================================================== Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTR...
Gregarius 0.5.4 - SQL Injection
GulfTech Security Research July 29, 2008 Vendor : Marco Bonetti URL : http://www.gregarius.net/ Version : Gregarius populate" noti.unread & ". RSSMODEUNREADSTATE ." and i.cid= $cid", "", 0, 2, ITEMSORTHINTREAD; $readItems - setTitleLBLH2RECENTITEMS; $readItems - setRenderOptionsILTITLENOESCAPE;...
ViArt Shop 3.5 - category_id SQL Injection
ViArt Shop 3.5 - categoryid SQL Injection GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injectio...
talldude-bypass.txt
GulfTech Security Research July 28, 2008 Vendor : Talldude Networks, LLC URL : http://www.jamroom.net/ Version : Jamroom = 3.3.8 Risk : Authentication Bypass Description: Jamroom is a popular online social media cms used to host artist sites and create music communities. It is vulnerable to a fla...
ViArt Shop 3.5 - 'category_id' SQL Injection
GulfTech Security Research July 28, 2008 Vendor : ViArt, Ltd URL : http://www.viart.com/ Version : ViArt Shop = 3.5 Risk : SQL Injection Description: ViArt Shop is a full featured online ecommerce solution written in php. There is a high risk SQL Injection in ViArt that allows for an attacker to...
ViArt Shop <= 3.5 (category_id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== ViArt Shop = 3.5 categoryid Remote SQL Injection Vulnerability ================================================================== GulfTech Security Research July 28, 2008...
Emulive Server4 7560 Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl EmuLive Server4 Commerce Edition Build 7560 Remote crash proof of conecpt code. When the machine running Server4 recieves a malformed request on TCP port 66 it crashes very hard! GulfTech Security http://www.gulftech.org use IO::Socket; unless...
[SA22242] HAMweather "do_parse_code" Command Injection Vulnerability
TITLE: HAMweather "doparsecode" Command Injection Vulnerability SECUNIA ADVISORY ID: SA22242 VERIFY ADVISORY: http://secunia.com/advisories/22242/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: HAMweather 3.x http://secunia.com/product/12178/ DESCRIPTION: Some...
[SA22040] CakePHP "file" Parameter Disclosure of Sensitive Information
TITLE: CakePHP "file" Parameter Disclosure of Sensitive Information SECUNIA ADVISORY ID: SA22040 VERIFY ADVISORY: http://secunia.com/advisories/22040/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: CakePHP 1.x http://secunia.com/product/11247/...
oscommerce22-php.txt
php poc exploit for osCommerce = 2.2 Milestone 2 060817 vuln found by gulftech it does not work with magicquotesgpc on so make it off to test this script. you're lucky if you can find server with this settings set to off. this is for education use only. topic: sql injection. kiddies use it at you...
DSA-1154 squirrelmail - variable overwriting
Bulletin has no description...
[SA21484] Zen Cart SQL Injection and File Inclusion Vulnerabilities
---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...
[SA16902] PHPLIB Unspecified Code Execution Vulnerability
TITLE: PHPLIB Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA16902 VERIFY ADVISORY: http://secunia.com/advisories/16902/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: PHPLIB 7.x http://secunia.com/product/8300/ DESCRIPTION: A vulnerability has been...
DBeSession102.txt
GulfTech Security Research February 11, 2006 Vendor : Lawrence Osiris URL : http://www.phpclasses.org/browse/package/1624.html Version : DBeSession 1.0.2 Risk : SQL Injection Description: DBeSession is a feature-packed PHP class that stores the session data in a MySQL database rather than files. ...