17 matches found
EUVD-2006-3187
Malware in sbrugna...
EUVD-2006-4759
Malware in sbrugna...
EUVD-2006-3186
Malware in sbrugna...
HotPlug CMS 1.0 Login1.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary HTML an...
CVE-2006-4772
HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc...
CVE-2006-4772
HotPlug CMS stores sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password and database credentials via a direct request for includes/class/config.inc...
CVE-2006-4772
CVE-2006-4772 affects HotPlug CMS. The issue stems from storing sensitive information under the web root with insufficient access control, allowing remote attackers to read the admin password and database credentials via a direct request to includes/class/config.inc . The impact described is part...
hotplugCMSconfig.txt
Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file ,, so that you will be able to connect by remote connect...
HotPlug CMS Config File Include Vulnerability
Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file ,, so that you will be able to connect by remote connect...
CVE-2006-3190
SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password parameters...
CVE-2006-3189
Cross-site scripting XSS vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-3189
CVE-2006-3189 is an XSS vulnerability in HotPlug CMS 1.0, affecting the file administration/tblcontent/login1.php where an attacker can inject arbitrary script/HTML via the msg parameter. The available sources confirm the presence of a cross-site scripting flaw but do not provide exploit details,...
CVE-2006-3189
Cross-site scripting XSS vulnerability in administration/tblcontent/login1.php in HotPlug CMS 1.0 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2006-3190
SQL injection vulnerability in administration/includes/login/auth.php in HotPlug CMS 1.0 allows remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 username and 2 password parameters...
CVE-2006-3190
The vulnerability CVE-2006-3190 affects HotPlug CMS 1.0, specifically in administration/includes/login/auth.php. It is a SQL injection flaw that allows remote attackers to execute arbitrary SQL commands and bypass authentication via the username and password parameters. The available records conf...
HotPlug CMS 1.0 - Login1.php Cross-Site Scripting
HotPlug CMS 1.0 - Login1.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...
HotPlug CMS 1.0 - 'Login1.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/18454/info HotPlug CMS is prone to a cross-site scripting attack. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary HTML and script code in the browser of a...