1445 matches found
PHPEasyData 1.5.4 - admin/login.php username Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29659/info PHPEasyData is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issues to...
Spaminator <= 1.7 (page) Remote File Include Vulnerability
No description provided by source. Spaminator 1.7. $page Remote File Include CreW: ToXiC BuG Found By Drago84 SourcE CodE: http://freshmeat.net/redir/spaminator/16281/urltgz/spaminator-1.7.tar.gz Page Affect is: /src/Login.php Problem is include $page.php; Path : Declare $page ExpL:...
KPPW SQL Injection in Latest Version #2
Brief description: Update date: 2014-05-19 12:17:29 Details: In control/login.php: if kekezu::submitcheckisset$formhash|| isset$logintype ==3 if$code $strCodeCheck = kekezu::checksecode $code ; if $strCodeCheck!=1 $tips'errors''code' = $strCodeCheck; kekezu::showmsg $tips, NULL, NULL, NULL, 'error' ; isset$hdnrefer and...
PHP168 6.0 and earlier versions: major security vulnerability in login.php
A big problem, it is best not to ignore... The exploit code inserts a PHP trojan into the cache/ directory to easily get a webshell, and this can be done in bulk. Use a search engine to search Powered by php168 v6 or what version of v5, v4, v3, v2, v1 will search to many, many more related site Since...
OpenSupports 2.0 - Blind SQL Injection
Open Support Blind SQL Injection v2.0 Vulnerability. Author: indoushka. Vendor: http://www.opensupports.com/files/Opensupportsv2EN.rar Dork: Power by OpenSupports © 2009 - 2014. All Rights reserved This...
FineCMS 2 /member/controllers/Login.php SQL Injection Vulnerability
No description provided by source...
CVE-2013-7137
The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1...
CVE-2013-7137
CVE-2013-7137 affects Burden prior to 1.8.1. The vulnerability arises from insufficient validation of the burden_user_rememberme cookie, allowing remote unauthenticated users to set the cookie to 1 and gain administrative privileges via the login mechanism. Impact is authentication bypass with po...
TheWebForum login.php username Parameter SQL Injection - Ver2 (CVE-2006-0135)
An SQL injection vulnerability has been reported in TheWebForum twf. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
RedAxScript 1.1 SQL Injection
Exploit database separated by exploit type (local, remote, DoS, etc.). Site: 1337day.com. Support e-mail:...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Mintboard 0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) pass parameter in views/login.php or (3) name or (4) pass parameter in views/signup.php...
CVE-2013-4954
CVE-2013-4954 concerns the WordPress plugin Pie Register (Genetech Solutions) where the wp-login.php page is vulnerable to multiple parameter XSS (pass1 and pass2) when “Allow New Registrations to set their own Password” is enabled. The issue affects Pie-Register before 1.31; the root cause is im...
WordPress Plugin Pie Register - 'wp-login.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/61140/info Pie Register plugin for WordPress is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This...
Glossword 1.8.3 - SQL Injection
Glossword 1.8.3 - SQL Injection cs. Vulnerable Software: Glossword 1.8.3. Official site: http://sourceforge.net/projects/glossword/ Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.3/ Vuln: SQLi...
Glossword 1.8.3 - SQL Injection
cs. Vulnerable Software: Glossword 1.8.3. Official site: http://sourceforge.net/projects/glossword/ Download: http://sourceforge.net/projects/glossword/files/glossword/1.8.3/ Vuln: SQLi. THIS IS A WHOLE...
CVE-2012-5874
Multiple SQL injection vulnerabilities in the (1) update_whosonline_reg and (2) update_whosonline_guest functions in Elite Bulletin Board before 2.1.22 allow remote attackers to execute arbitrary SQL commands via the PATH_INFO to (a) checkuser.php, (b) groups.php, (c) index.php, (d) login.php, (e) quicklogin.php, (f)...
CVE-2012-5913
Cross-site scripting (XSS) vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter to wp-login.php...
P3 Technologie SQL Injection Vulnerability
Exploit for php platform in category web applications. Exploit database separated by exploit type (local, remote, DoS, etc.)...