85 matches found
DIY-CMS blog mod SQL Injection Vulnerability
No description provided by source. Exploit Title: DIY-CMS blog mod SQL Injection Author: snup Contact: [email protected] Site: http://e-o-u.org SQL Injection: DORK: inurl:mod.php?mod=blog intext:powered by DIY-CMS inurl:mod.php?mod=blog BUG:...
CVE-2012-6518
CVE-2012-6518 is a CSRF vulnerability affecting DiY-CMS 1.0, where mod.php allows attackers to hijack administrator authentication by crafting requests to the poll module’s add action. The issue arises from insufficient CSRF protections in the poll creation workflow, enabling unauthorized actions...
eNdonesia 8.5 katalog Module Cross Site Scripting
Exploit for php platform in category web applications Exploit Title: eNdonesia 8.5 katalog Module Cross Site Scripting Google Dork: inurl:mod.php?mod=katalog&op=search Date: 07/28/2012 Author: Crim3R download Link :...
eNdonesia - 'cid' SQL Injection
source: https://www.securityfocus.com/bid/54741/info eNdonesia is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, ...
eNdonesia Katalog 8.5 Cross Site Scripting
Exploit Title: eNdonesia katalog Module Cross Site Scripting Google Dork: inurl:mod.php?mod=katalog&op= Date: 07/28/2012 Author: Crim3R download Link : http://nchc.dl.sourceforge.net/project/endonesia/eNdonesia/eNdonesia.8.5/endonesia.8.5.zip Version: 8.5 Tested on: all ===============Vuln...
Unfixed XSS vulnerability at www.larismanis.web.id
Security researcher xwungu, has submitted on 15/02/2012 a cross-site-scripting XSS vulnerability affecting www.larismanis.web.id, which at the time of submission ranked 1420724 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/02/2012. It is...
eNdonesia 8.4 SQL injection vulnerability-vulnerability warning-the black bar safety net
Dork : mod. php? mod=publisher&op=printarticle&artid= http://localhost/mod.php?mod=publisher&op=printarticle&artid=valid idsql-i Injection test http://www.myhack58.com/mod.php?mod=publisher&op=printarticle&artid=-47+union+select+1,concatws%280x3a,aid,name,pwd%29,3,4,5,6,7+from+authors--...
phpCOIN 'mod' Parameter Local File Include Vulnerability
phpCOIN is prone to local file include vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpcoin:phpcoin";...
Directory traversal
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. dot dot in the mod parameter...
CVE-2010-0953
CVE-2010-0953 affects phpCOIN 1.2.1. The vulnerability is a directory traversal in mod.php via the mod parameter, enabling remote reading of arbitrary files. Documented CVSS base score is 6.8 (medium) with network exposure and no authentication. OpenVAS also describes phpCOIN as prone to local fi...
CVE-2010-0953
Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitrary files via a .. dot dot in the mod parameter...
phpCOIN 1.2.1 (mod.php) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ========================================================== phpCOIN 1.2.1 mod.php Local File Inclusion Vulnerability ========================================================== Exploit Title: phpCOIN 1.2.1 mod.php LFI vulnerability Author: m...
phpCOIN 1.2.1 SQL Injection
phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage : http://www.1923turk.com Blog : http://baybora.wordpress.com/ Script : phpCOIN 1.2.1 Download : http://www.phpcoin.com/ Vulnerable File mod.php?mod=faq&mode=show&faqid= SQL XpL...
PHPCOIN 1.2.1 - mod.php SQL Injection
PHPCOIN 1.2.1 - mod.php SQL Injection phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage : http://www.1923turk.com Blog : http://baybora.wordpress.com/ Script : phpCOIN 1.2.1 Download : http://www.phpcoin.com/ Vulnerable File mod.php?mod=faq&mode=show&faqid= SQL XpL...
PHPCOIN 1.2.1 - 'mod.php' SQL Injection
phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage : http://www.1923turk.com Blog : http://baybora.wordpress.com/ Script : phpCOIN 1.2.1 Download : http://www.phpcoin.com/ Vulnerable File mod.php?mod=faq&mode=show&faqid= SQL XpL...
phpCOIN v1.2.1 (mod.php) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================== phpCOIN v1.2.1 mod.php SQL Injection Vulnerability ==================================================== phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage :...
Endonesia 8.4 CMS Local File Inclusion
Endonesia 8.4 CMS Site: http://www.endonesia.org/ Download: http://sourceforge.net/projects/endonesia Bug: Local File Inclusion in mod.php file ! Author: s4r4d0 Mail: [email protected] Team: Fatal Error Poc:http://www.site.com/mod.php?mod=/../../../../../../proc/self/environ%00...
eNdonesia CMS 8.4 - Local File Inclusion
Endonesia 8.4 CMS Site: http://www.endonesia.org/ Download: http://sourceforge.net/projects/endonesia Bug: Local File Inclusion in mod.php file ! Author: s4r4d0 Mail: [email protected] Team: Fatal Error Poc:http://www.site.com/mod.php?mod=/../../../../../../proc/self/environ%00...
eNdonesia CMS 8.4 - Local File Inclusion
eNdonesia CMS 8.4 - Local File Inclusion Endonesia 8.4 CMS Site: http://www.endonesia.org/ Download: http://sourceforge.net/projects/endonesia Bug: Local File Inclusion in mod.php file ! Author: s4r4d0 Mail: [email protected] Team: Fatal Error...
Endonesia CMS 8.4 local file inclusion
No description provided by source. Endonesia 8.4 CMS Site: http://www.endonesia.org/ Download: http://sourceforge.net/projects/endonesia Bug: Local File Inclusion in mod.php file ! Author: s4r4d0 Mail: [email protected] Team: Fatal Error...