Lucene search
K

178 matches found

securityvulns
securityvulns
added 2006/08/29 12:0 a.m.52 views

interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability

/ + + - - - Romanian Electronic Network Security Lab Team ThE Best Romanian Hacking Team - - + + + - Cce-interact = 2.2.0 CONFIGBASEPATH Remote File Include Vulnerability + + + - Script name: Interact - Online Learning and Collaboration System v. 2.2.0 - Script site:...

Exploits0
Packet Storm
Packet Storm
added 2006/08/29 12:0 a.m.37 views

cce-interact220.txt

/ + + - - - Romanian Electronic Network Security Lab Team ThE Best Romanian Hacking Team - - + + + - Cce-interact admin/autoprompter.php line 33-38: .... requireonce$CONFIG'BASEPATH'.'/modules/forum/autoprompt/prompt.inc.php'; requireonce$CONFIG'LANGUAGECPATH'.'/forumstrings.inc.php'; $rs =...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2006/08/19 12:0 a.m.19 views

interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability

No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Cce-interact = 2.2.0 CONFIGBASEPATH Remote File Include Vulnerability + + + - Script name: Interact - Online Learning and Collaboration System v. 2.2.0 - Script site:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/08/19 12:0 a.m.9 views

Interact 2.2 - CONFIG[base_path] Remote File Inclusion

Interact 2.2 - CONFIGbasepath Remote File Inclusion / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Cce-interact admin/autoprompter.php line 33-38: .... requireonce$CONFIG'BASEPATH'.'/modules/forum/autoprompt/prompt.inc.php'; requireonce$CONFIG'LANGUAGECPATH'.'/forumstrings.inc.php'; $rs ...

7.5AI score
Exploits0
0day.today
0day.today
added 2006/08/19 12:0 a.m.13 views

interact <= 2.2 (CONFIG[BASE_PATH]) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ===================================================================== interact admin/autoprompter.php line 33-38: .... requireonce$CONFIG'BASEPATH'.'/modules/forum/autoprompt/prompt.inc.php'; requireonce$CONFIG'LANGUAGECPATH'.'/f...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/19 12:0 a.m.36 views

Interact 2.2 - &#039;CONFIG[base_path]&#039; Remote File Inclusion

/ + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Cce-interact admin/autoprompter.php line 33-38: .... requireonce$CONFIG'BASEPATH'.'/modules/forum/autoprompt/prompt.inc.php'; requireonce$CONFIG'LANGUAGECPATH'.'/forumstrings.inc.php'; $rs = $CONN-Execute"SELECT $CONFIG'DBPREFIX'posts.postke...

7.4AI score
Exploits0
Prion
Prion
added 2006/04/06 10:4 a.m.25 views

Cross site scripting

Cross-site scripting XSS vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via 1 the searchterms parameter to a search.php, and 2 the firstname, 3 lastname, 4 email, 5 password, and 6 confirmpassword parameters to b userinput.php. NOTE: the provenance ...

2.6CVSS6AI score0.01174EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2006/04/06 10:4 a.m.16 views

Sql injection

SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...

7.5CVSS8.8AI score0.01214EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2006/04/06 10:4 a.m.15 views

CVE-2006-1644

login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5CVSS6.4AI score0.01392EPSS
Exploits0References4
NVD
NVD
added 2006/04/06 10:4 a.m.18 views

CVE-2006-1642

Cross-site scripting XSS vulnerability in Interact 2.1.1 allows remote attackers to inject arbitrary web script or HTML via 1 the searchterms parameter to a search.php, and 2 the firstname, 3 lastname, 4 email, 5 password, and 6 confirmpassword parameters to b userinput.php. NOTE: the provenance ...

2.6CVSS5.5AI score0.01174EPSS
Exploits0References5
NVD
NVD
added 2006/04/06 10:4 a.m.15 views

CVE-2006-1643

SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...

7.5CVSS8.1AI score0.01214EPSS
Exploits0References5
Prion
Prion
added 2006/04/06 10:4 a.m.18 views

Information disclosure

login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

5CVSS7AI score0.01392EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2006/04/06 10:0 a.m.19 views

CVE-2006-1643

SQL injection vulnerability in login.php in Interact 2.1.1 allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...

8.1AI score0.01214EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/04/06 10:0 a.m.23 views

CVE-2006-1644

login.php in Interact 2.1.1 generates different responses depending on whether or not a username is valid, which allows remote attackers to determine valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.4AI score0.01392EPSS
Exploits0References4
CVE
CVE
added 2006/04/06 10:0 a.m.48 views

CVE-2006-1643

Interac t 2.1.1 is affected by an SQL injection in login.php, exploitable via the user_name parameter to allow remote execution of arbitrary SQL commands. The CVE record confirms this is a SQL injection vulnerability with a CVSS base score of 7.5 (HIGH) and network access with no authentication r...

7.5CVSS8.1AI score0.01214EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/04/06 10:0 a.m.48 views

CVE-2006-1642

The CVE-2006-1642 entry describes a Cross-site Scripting (XSS) vulnerability in Interact 2.1.1. The flaw allows remote attackers to inject arbitrary web script or HTML via multiple input vectors: search_terms in search.php and first_name, last_name, email, password, and confirm_password in userin...

2.6CVSS5.5AI score0.01174EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/04/06 10:0 a.m.39 views

CVE-2006-1644

InterAct 2.1.1’s login.php reveals an information-disclosure vulnerability: responses differ for valid vs invalid usernames, enabling remote enumeration of usernames. Affected component is login handling in Interact 2.1.1; root cause is input-based response variance. Impact is partial confidentia...

5CVSS6.4AI score0.01392EPSS
Exploits0References4Affected Software1
Metasploit
Metasploit
added 2005/12/26 2:34 p.m.33 views

Unix Command, Interact with Established Connection

Interacts with a shell on an established socket connection This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule CachedSize = 0 include Msf::Payload::Single include Msf::Sessions::CommandShellOptions...

7.1AI score
Exploits0
Rows per page
Query Builder