1444 matches found

Cvelist
added 2009/03/13 10:00 a.m., 21 views

CVE-2008-6465

Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters...

5.8 AI score, 0.01345 EPSS
Exploits: 1, References: 6
CVE
added 2009/03/13 10:00 a.m., 97 views

CVE-2008-6465

CVE-2008-6465 affects Parallels H-Sphere 3.0.0 P9 and 3.1 P1. The NUCLEI template documents multiple cross-site scripting (XSS) flaws in login.php within webshell4, allowing an attacker to inject arbitrary script/HTML via the parameters (err, errorcode, login). Potential impact includes theft of ...

4.3 CVSS, 5.9 AI score, 0.01345 EPSS
Exploits: 1, References: 6, Affected Software: 1
0day.today
added 2009/03/13 12:00 a.m., 24 views

Kim Websites 1.0 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications. Kim Websites 1.0 Auth Bypass SQL Injection Vulnerability...

7.1 AI score
Exploits: 0
Exploit DB
added 2009/03/13 12:00 a.m., 33 views

Kim Websites 1.0 - Authentication Bypass

Kim Websites 1.0 SQL Injection Vulnerability Authentication bypass Virangar Security Team www.virangar.net Discovered by: Virangar Security Teamhadihadi special tnx to: MR.nosrati, black.shadowes, MR.hesy, Zahra & all virangar members & Ariasecurity team & all hackerz greetz: to my best frien...

7.4 AI score
Exploits: 0
NVD
added 2009/03/12 3:20 p.m., 12 views

CVE-2009-0886

Directory traversal vulnerability in login.php in OneOrZero Helpdesk 1.6.5.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the defaultlanguage parameter...

5 CVSS, 6.6 AI score, 0.0382 EPSS
Exploits: 1, References: 4
Packet Storm
added 2009/03/06 12:00 a.m., 14 views

OneOrZero Helpdesk 1.6.5.7 Local File Inclusion

Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZero Helpdesk and Task Management System is a powerfu...

7.4 AI score
Exploits: 0
exploitpack
added 2009/03/06 12:00 a.m., 10 views

OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion

OneOrZero Helpdesk 1.6.5.7 - Local File Inclusion. Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZer...

7.4 AI score
Exploits: 0
seebug.org
added 2009/03/06 12:00 a.m., 14 views

OneOrZero Helpdesk <= 1.6.5.7 Local File Inclusion Vulnerability

No description provided by source. Discovered by dun \ dunatstrcpy.pl OneOrZero Helpdesk = 1.6.5.7 Local File Inclusion Vulnerability Script: "OneOrZero Helpdesk and...

7.1 AI score
Exploits: 0
Exploit DB
added 2009/03/05 12:00 a.m., 26 views

celerbb 0.0.2 - Multiple Vulnerabilities

Salvatore "drosophila" Fresta + Application: CelerBB + Version: 0.0.2 + Website: http://celerbb.sourceforge.net/ + Bugs: (A) Multiple SQL Injection (B) Information Disclosure (C) Authentication Bypass + Exploitation: Remote + Date: 05 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...

7 AI score
Exploits: 0
Prion
added 2009/03/04 5:30 p.m., 11 views

Sql injection

SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote attackers to execute arbitrary SQL commands via the user parameter...

7.5 CVSS, 9.1 AI score, 0.00485 EPSS
Exploits: 1, References: 4, Affected Software: 1
CVE
added 2009/03/04 5:00 p.m., 44 views

CVE-2009-0810

The vulnerability CVE-2009-0810 affects xGuestbook 2.0, specifically the login.php component where the user parameter is used in a way that permits SQL injection. The advisory states that remote attackers can cause arbitrary SQL commands to execute, indicating a classic injection in authenticatio...

7.5 CVSS, 8.7 AI score, 0.00485 EPSS
Exploits: 1, References: 4, Affected Software: 1
NVD
added 2009/03/02 10:30 p.m., 4 views

CVE-2009-0750

SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5 CVSS, 8.4 AI score, 0.00527 EPSS
Exploits: 0, References: 2
Prion
added 2009/03/02 10:30 p.m., 9 views

Sql injection

SQL injection vulnerability in login.php in the smNews example script for txtSQL 2.2 Final allows remote attackers to execute arbitrary SQL commands via the username parameter...

7.5 CVSS, 9.1 AI score, 0.00527 EPSS
Exploits: 0, References: 2
CVE
added 2009/03/02 10:00 p.m., 47 views

CVE-2009-0750

The CVE affects the txtSQL 2.2 Final suite, specifically the smNews example script’s login.php. The vulnerability is a SQL injection in the username parameter, enabling remote attackers to execute arbitrary SQL commands. Documents confirm the issue is due to improper input handling in login.php, ...

7.5 CVSS, 8.7 AI score, 0.00527 EPSS
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2009/02/27 4:00 p.m., 43 views

CVE-2008-6332

CVE-2008-6332 describes an SQL injection in login.php of Simple Customer 1.2. The vulnerability allows remote attackers to submit a crafted password parameter and execute arbitrary SQL commands, impacting authentication processes and data integrity. The entry notes a high overall severity (CVSS v...

7.5 CVSS, 8.8 AI score, 0.0051 EPSS
Exploits: 1, References: 5, Affected Software: 1
CVE
added 2009/02/27 11:00 a.m., 43 views

CVE-2008-6326

Summary (CVE-2008-6326): A SQL injection flaw exists in login.php of the Simple Customer software, allowing remote attackers to inject arbitrary SQL via the email parameter. This is the root cause: unsanitized user input in a login routine leading to command execution against the database. Impact...

7.5 CVSS, 8.3 AI score, 0.00234 EPSS
Exploits: 0, References: 3, Affected Software: 1
Prion
added 2009/02/26 4:17 p.m., 9 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to inject arbitrary web script or HTML via the q parameter to (1) search.php and (2) rss.php; the query string after the image name in (3) photos/photo; the path parameter to (4) folder.php; page parameter and...

4.3 CVSS, 6.1 AI score, 0.00285 EPSS
Exploits: 0, References: 4, Affected Software: 1
Prion
added 2009/02/25 8:30 p.m., 16 views

Sql injection

SQL injection vulnerability in login.php in Auth Php 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) passwd parameters...

7.5 CVSS, 9.1 AI score, 0.00361 EPSS
Exploits: 0, References: 3, Affected Software: 1
CVE
added 2009/02/25 8:00 p.m., 47 views

CVE-2009-0740

SQL injection vulnerability in login.php of BlueBird Prelease can be exploited via (1) username and (2) passwd parameters to execute arbitrary SQL commands. Root cause is improper input handling in the login routine, enabling remote attackers to manipulate queries. Impact per the record indicates...

7.5 CVSS, 8.7 AI score, 0.00199 EPSS
Exploits: 1, References: 2, Affected Software: 1
CVE
added 2009/02/25 8:00 p.m., 48 views

CVE-2009-0739

CVE-2009-0739 affects the MyNews 0.10 web application, specifically the login.php component. The vulnerability is a SQL injection in the authentication path, exploitable through the parameters (1) username and (2) passwd, enabling remote attackers to execute arbitrary SQL commands. The CVSS metri...

7.5 CVSS, 8.7 AI score, 0.00199 EPSS
Exploits: 1, References: 2, Affected Software: 1