kawf <= 1.0 (main.php) Remote File Include Vulnerability

No description provided by source. kawf config Remote File Include --------------------------------------------------------------------------------------------- Kawf is a web forum written in PHP4 using MySQL v. 1.0 and all below...

Log1 CMS 2.0 - Multiple Vulnerabilities

No description provided by source. +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

Double Choco Latte 0.9.3/0.9.4 main.php Arbitrary PHP Code Execution

No description provided by source. source: http://www.securityfocus.com/bid/12894/info Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML...

SolucionXpressPro 'main.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33111/info SolucionXpressPro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

PHP Web Explorer 0.99b main.php refer Parameter Traversal Local File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/31595/info PHP Web Explorer is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal string...

Webit Cms SQL Injection Vulnerability

No description provided by source. ------------------------------------------------------------------------------------------- Webit Cms SQL Injection Vulnerability ------------------------------------------------------------------------------------------- Author: CoBRa21 Script Home:...

SQLiteManager 1.2 Main.PHP Multiple HTML Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22731/info SQLiteManager is prone to multiple HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied input data. Exploiting these issues may allow an attacker to execute HTML and script cod...

CVE-2013-6163

Multiple cross-site scripting XSS vulnerabilities in ProjeQtOr formerly Project'Or RIA before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 type parameter to view/parameter.php, 2 p1value parameter to view/main.php, or 3 objectClass parameter to view/objectDetail.p...

CVE-2012-5105

CVE-2012-5105 affects SQLiteManager 1.2.4 and involves multiple cross-site scripting (XSS) vulnerabilities. Vulnerability details from connected sources show that remote attackers can inject arbitrary web script or HTML via the dbsel parameter to main.php or index.php, or via the nsextt parameter...

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities

MySQLDumper 1.24.4 - main.php Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3...

CVE-2012-1297

CVE-2012-1297 affects Contao (formerly TYPOlight) 2.11.0 and earlier, via multiple CSRF vulnerabilities in main.php that can hijack administrator authentication for actions that delete users, news, or newsletters. Root cause and exact exploit details are not elaborated in the provided documents. ...

Cook Media Web Development Group SQL Injection

+Exploit Title: Cook Media Web Development Group Sensitive Database Disclosure Vulnerability +Author : ^Xecuti0n3r + Date : 27.04.2011 + Hour : 13:37 PM + E-mail : xecuti0n3ryahoo.com + dork : intext:"Cook Media Group, LLC." inurl:"php?script=" + Category : Web Apps SQli...

Log1 CMS 2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Emai...

Log1 CMS File Modification / Download

+---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email : [email protected] Google-Dork : "POWERED BY LOG...

Log1 CMS 2.0 - Multiple Vulnerabilities

Log1 CMS 2.0 - Multiple Vulnerabilities +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

CVE-2011-0508

Cross-site scripting XSS vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows remote attackers to inject arbitrary web script or HTML via the HTTP XFORWARDEDFOR header, which is stored by system/libraries/Environment.php but n...

CVE-2011-0508

Cross-site scripting XSS vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows remote attackers to inject arbitrary web script or HTML via the HTTP XFORWARDEDFOR header, which is stored by system/libraries/Environment.php but n...

Entrans 0.3.2 Cross Site Scripting / SQL Injection

======================================= Vulnerability ID: HTB22606 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinentrans.html Product: Entrans Vendor: Khader Abbeb N http://sourceforge.net/projects/entrans/ Vulnerable Version: 0.3.2 and Probably Prior Versions Vendor Notification: ...

Unfixed XSS vulnerability at www.flashpageflip.com

Security researcher k3vin mitnick, has submitted on 08/09/2010 a cross-site-scripting XSS vulnerability affecting www.flashpageflip.com, which at the time of submission ranked 50835 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/09/2010. It...

Webit CMS Cross Site Scripting

========================================================= Webit Cms XSS/HTML Injection Vulnerabilities ========================================================= Name: Webit Cms XSS/HTML Injection Vulnerabilities Vendor: http://www.webitcms.gr Date: 2010-05-26 Author: XroGuE Thanks to: Inj3ct0r.co...