Lucene search
+L

330 matches found

myhack58
myhack58
added 2011/06/28 12:0 a.m.19 views

Webcat multiple blind defect and repair-vulnerability warning-the black bar safety net

Exploit Title: Webcat - two blind defect Google Dork: allinurl: scwebcat/ecat/cmsview.php Date: 6/23/2011 Author: w0rd w0rdatNULL0x00.com Software Link: http://webcat.sourceforge.net/ Tested on: Linux/Windows 7 Vulnerable Parameters: webid=, id= PoC:...

7AI score
Exploits0
htbridge
htbridge
added 2011/06/07 12:0 a.m.21 views

Cross-site Scripting Vulnerabilities in Open-Realty

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Open-Realty, which can be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerabilities in Open-Realty 1.1 Input passed via the "name", "email", "friendemail", "subject", "message" POS...

4.3CVSS6.9AI score
Exploits0Affected Software1
packetstorm
packetstorm
added 2011/04/04 12:0 a.m.28 views

DoceboLMS 4.0.4 Cross Site Scripting

DoceboLMS 4.0.4 Multiple Stored XSS Vulnerabilities function xss1document.forms"xss1".submit; function xss2document.forms"xss2".submit; input type="hidden" name="authenticrequest" value="23dfee506a748201730ab2bb7...

7.4AI score
Exploits0
saint
saint
added 2011/01/04 12:0 a.m.25 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

1AI score
Exploits0
saint
saint
added 2011/01/04 12:0 a.m.17 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

1AI score
Exploits0
saint
saint
added 2011/01/04 12:0 a.m.10 views

SQL injection authentication bypass

Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...

8.5AI score
Exploits0
exploitpack
exploitpack
added 2010/09/05 12:0 a.m.27 views

ChillyCMS 1.1.3 - Multiple Vulnerabilities

ChillyCMS 1.1.3 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: chillyCMS Multiple Vulnerabilities Vendor: http://frozenpepper.de/ Vulnerable Version: 1.1.3 Latest version till now Exploitation: Remote with browser Fix: N/A - Description: chillyCMS is a Content...

0.4AI score
Exploits0
nessus
nessus
added 2010/07/14 12:0 a.m.40 views

CUPS Memory Information Disclosure

The remote CUPS install contains a memory information disclosure vulnerability due to an error in 'cgiinitializestring' in 'cgi-bin/var.c', which mishandles input parameters containing the '%' character. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid47716;...

4.3CVSS7.5AI score0.06468EPSS
Exploits1References2
redhat
redhat
added 2010/04/01 12:14 a.m.5 views

OpenJDK JAR "unpack200" must verify input parameters (6902299)

Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update 18, 5.0, Update, and 23 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

7.5CVSS5.8AI score0.03839EPSS
Exploits0References4
zdt
zdt
added 2009/12/03 12:0 a.m.25 views

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== Theeta CMS Cross Site Scripting,SQL Injection Multiple Vulnerabilities ======================================================================== 1-Cross Site Scripting...

7.1AI score
Exploits0
seebug
seebug
added 2009/12/03 12:0 a.m.16 views

Theeta CMS (Cross Site Scripting SQL Injection) Multiple Vulnerabilities

No description provided by source. / \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Theeta CMS Cross Site Scripting,SQL Injection Multiple Vulnerabilities...

7.1AI score
Exploits0
seebug
seebug
added 2009/12/02 12:0 a.m.15 views

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple

No description provided by source. / \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Theeta CMS Cross Site Scripting,SQL Injection Multiple Vulnerabilities...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2009/12/01 12:0 a.m.39 views

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple Vulnerabilities

/ / | | | / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,||,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Theeta CMS Cross Site Scripting,SQL Injection Multiple Vulnerabilities Discovered By c0dy http://r00tDefaced.net Greetz:...

0.1AI score
Exploits0
packetstorm
packetstorm
added 2009/08/15 12:0 a.m.23 views

TGS CMS 0.x SQL Injection / XSS / Disclosure

| | | / | | / | | | \ / | | | / / | |/ \ / / |/ | |/| | | ' \ / | / / | | alertdocument.cookie The Risk: By exploiting this vulnerability, an attacker can inject malicious code in the script and can stole cookies. Fix the vulnerability: Encode output...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2009/07/12 12:0 a.m.108 views

Atlantic SimpleCaddy Shopping Cart Price Manipulation

SENKED-2009-0001 - Atlantic SimpleCaddy Shopping Cart Price Manipulation senked security advisory http://www.senked.com/ Date Published: 2009-07-01 Last Update: 2009-07-01 Advisory ID: SENKED-2009-0001 Bugtraq ID: none CVE Name: none Title: Atlanticintelligence SimpleCaddy Shoopuing Cart Price...

0.1AI score
Exploits0
freebsd
freebsd
added 2009/04/21 12:0 a.m.31 views

moinmoin -- cross-site scripting vulnerabilities

Secunia reports: Input passed via multiple parameters to action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site...

4.3CVSS7AI score0.02482EPSS
Exploits1References2
saint
saint
added 2009/04/10 12:0 a.m.26 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

0.2AI score
Exploits0
saint
saint
added 2009/04/10 12:0 a.m.7 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

7.8AI score
Exploits0
saint
saint
added 2009/04/10 12:0 a.m.33 views

SQL injection

Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...

7.8AI score
Exploits0
seebug
seebug
added 2007/10/11 12:0 a.m.21 views

Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit

No description provided by source. ?php / Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit Blind SQL Injection / Remote Code Execution P.o.C. author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://php-stats.com/downloads details..: works with magicquotesruntime = off 1 Blind SQL...

7.1AI score
Exploits0
Rows per page
Query Builder