1445 matches found
myBloggie 2.1.5 login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
IP Reg <= 0.4 - Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl ----------------------------------------------- IP Reg = 0.4 Blind SQL Injection Exploit Discovered By StAkeR - StAkeRathotmaildotit Discovered On 03/10/2008 ----------------------------------------------- Download...
Easy POS System - SQL Injection (login.php)
No description provided by source...
Nukeviet 2.0 'admin/login.php' Cookie Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30681/info Nukeviet is prone to an authentication-bypass vulnerability because it fails to adequately verify user-supplied input used for cookie-based authentication. Attackers can exploit this vulnerability to gain...
4xcms 'login.php' Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/39840/info 4xcms is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromi...
Indexu 5.0/5.3 login.php error_msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
IPN Development Handler 2.0 - Multiple Vulnerabilities
No description provided by source. IPN Development Handler v2.0 CSRF Change Admin Account ============================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://scripts.filehungry.com/product/php/e-commerce/paypal/ipndevelopmenthandler/ ===...
WebCalendar 0.9.x Multiple Module SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8540/info It has been reported that WebCalendar may be prone to multiple SQL injection issues in the viewt.php, vieww.php, viewv.php, and login.php modules of the software. The problems arise from a lack of sufficient...
VBZoom 1.0/1.11 login.php UserID Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/14423/info VBZooM Forum is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issue...
acute control panel 1.0.0 (sql/rfi) Multiple Vulnerabilities
No description provided by source. + Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- ?php...
psipuss 1.0 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. ...:::::psipuss version 1.0 SQL Injection Vulnerabilities ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all...
DeskPro 2.0.1 Login.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23381/info DeskPRO is prone to an HTML-injection scripting vulnerability because the application fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would execute in the context of the...
MercuryBoard <= 1.1.5 (login.php) Remote Blind SQL Injection Exploit
No description provided by source. ?php / -------------------------------------------------------------------- MercuryBoard = 1.1.5 login.php Remote Blind SQL Injection Exploit -------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...
Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
No description provided by source. ?php / = 1.3.1 Final /str0ke / $server = SERVER; $port = 80; $file = PATH; $target = 81; / User id and password used to fake-logon are not important. '10' is a random number. / $id = 10; $pass = ; $hex = 0123456789abcdef; for$i = 1; $i = 32; $i++ $idx = 0; $foun...
Infront SQL Injection Vulnerability
No description provided by source. Exploit Title: Infront SQL Injection Vulnerability Date: 12-06-2010 Author: TheMaster [email protected] Software Link: http://www.infront.com/ Version: N/A Tested on: Windows XP SP3 Author : TheMaster [email protected] Dork : intext:Powered by Infront Type of attack :...
PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl =about PunBB PunPortal 0.1 Local File Inclusion Exploit -------------------------------------------------- by athos - stakerathotmaildotit download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org register globals = 1...
AckerTodo 4.2 Login.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20372/info ackerTodo is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker t...
MemHT Portal 4.0.1 - SQL Injection Code Execution Exploit
No description provided by source. !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Due to weak params filtering we are able to make SQL-Injection. So, 1. Look at 'inc/ajax/ajaxrating.php', line 29. It is not enough to...
ourvideo CMS 9.5 phpi/login.php XSS Vulnerabilities
No description provided by source...
ShopWeezle 2.0 login.php itemID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...