1444 matches found
CVE-2008-5854
CVE-2008-5854 affects myPHPscripts Login Session 2.0: vulnerable is login.php in the User form (ls_user, ls_email) during an ls_register action, enabling stored/reflective XSS by remote attackers to inject arbitrary web script/HTML. The NVD entry confirms the vulnerability and its CVSS base metri...
SQL injection
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information...
CVE-2008-5806
CVE-2008-5806 affects DeltaScripts PHP Classifieds 7.5 and earlier: a SQL injection flaw in login.php allows remote attackers to inject arbitrary SQL via the admin_username parameter (aka admin field). The vulnerability stems from unsafely constructed queries in the login handling code. Impact is...
CVE-2008-5806
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information...
CVE-2008-5803
CVE-2008-5803 describes a SQL injection vulnerability in the admin/login.php of E-topbiz Online Store 1.0. The issue allows remote attackers to execute arbitrary SQL commands through the user parameter (aka username field), potentially impacting data confidentiality and integrity. The NVD entry ...
Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net
by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...
phpCollab: Multiple vulnerabilities
Background phpCollab is a web-enabled groupware and project management software written in PHP. It uses SQL-based database backends. Description Multiple vulnerabilities have been found in phpCollab: rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not...
CVE-2008-5648
DeltaScripts PHP Shop 1.0 is vulnerable to SQL injection in admin/login.php via the admin_username parameter. The underlying issue is an unsafely handled input that allows remote attackers to modify the SQL executed by the application, enabling arbitrary SQL commands. This vulnerability is docume...
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie...
The Rat CMS Alpha 2 - Authentication Bypass
--------------------------------- The Rat Cms Auth By Pass --------------------------------- Autore: x0r Email: [email protected] -------------------------------- Bug In: \login.php $sql = "SELECT userid FROM tblauthuser WHERE userid = '$userId' AND userpassword = PASSWORD'$password'"; $result...
The Rat CMS Alpha 2 - Authentication Bypass
The Rat CMS Alpha 2 - Authentication Bypass --------------------------------- The Rat Cms Auth By Pass --------------------------------- Autore: x0r Email: [email protected] -------------------------------- Bug In: \login.php $sql = "SELECT userid FROM tblauthuser WHERE userid = '$userId' AND...
phpAddEdit 1.3 Login Bypass
------------------------------------- PhpAddEdit 1.3 Login By Pass ------------------------------------- Found By: x0r Evolution Team Email: [email protected] ------------------------------------- Bug In: Addedit-login.php if !$loginerror // --- Set admin cookie so favorite form field will sho...
CVE-2008-5433
Cross-site scripting (XSS) vulnerability in login.php in PunBB 1.3 and 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the password field...
PhpAddEdit 1.3 - cookie Authentication Bypass
PhpAddEdit 1.3 - cookie Authentication Bypass ------------------------------------- PhpAddEdit 1.3 Login By Pass ------------------------------------- Found By: x0r Evolution Team Email: [email protected] ------------------------------------- Bug In: Addedit-login.php if !$loginerror // --- Se...
PhpAddEdit 1.3 (Cookie) Login Bypass Vulnerability
Exploit for unknown platform in category web applications ================================================== PhpAddEdit 1.3 Cookie Login Bypass Vulnerability ================================================== ------------------------------------- PhpAddEdit 1.3 Login By Pass...
CVE-2008-5418
Directory traversal vulnerability in login.php in the PunPortal module before 2.0 for PunBB allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter...
CVE-2008-5418
CVE-2008-5418 affects PunPortal module for PunBB (before version 2.0). The vulnerability is a directory traversal in login.php that allows remote attackers to include and execute arbitrary local files by manipulating pun_user[language] with .. (dot dot). This is a root-cause issue in file inclusi...
CMS Made Simple admin/login.php cms_language Cookie Local File Inclusion
The remote host is running CMS Made Simple, a content management system written in PHP. The version of CMS Made Simple installed on the remote host fails to sanitize user-supplied input to the 'cms_language' cookie when passed to the 'admin/login.php' script before using it to include PHP code...
PunBB Mod PunPortal 0.1 - Local File Inclusion
PunBB Mod PunPortal 0.1 - Local File Inclusion !/usr/bin/perl =about PunBB PunPortal 0.1 Local File Inclusion Exploit -------------------------------------------------- by athos - stakerathotmaildotit download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org register...
PunBB Mod PunPortal 0.1 Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl =about PunBB PunPortal 0.1 Local File Inclusion Exploit -------------------------------------------------- by athos - stakerathotmaildotit download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org register globals = 1...