Phoenix View CMS Pre Alpha2 - SQL Injection Local File Inclusion Cross-Site Scripting

Phoenix View CMS Pre Alpha2 - SQL Injection Local File Inclusion Cross-Site Scripting Phoenix View CMS = Pre Alpha2 Multiple Vulnerabilities LFISQLIXSS Found by : tw8 Date : 8.05.2008 Website && Forum : http://rstzone.org && http://rstzone.org/forum/ Bug type : LFI, SQLI & XSS Affected software...

CVE-2008-2035

Cross-site scripting XSS vulnerability in the Bluemoon, Inc. 1 BackPack 0.91 and earlier, 2 BmSurvey 0.84 and earlier, 3 newbbfileup 1.83 and earlier, 4 Newsembed newsfileup 1.44 and earlier, and 5 PopnupBlog 3.19 and earlier modules for XOOPS 2.0.x, XOOPS Cube 2.1, and ImpressCMS allows remote...

Python PyLocale_strxfrm函数远程信息泄露漏洞

BUGTRAQ ID: 23887 CVECAN ID: CVE-2007-2052 Python是一种开放源代码的脚本编程语言。 Python的Modules/localemodule.c文件中的PyLocalestrxfrm函数中存在单字节溢出漏洞，允许攻击者读取部分内存内容。 Modules/localemodule.c:361 356 n1 = strlens + 1; 357 buf = PyMemMallocn1; 358 if !buf 359 return PyErrNoMemory; 360 n2 = strxfrmbuf, s, n1;...

XOOPS Recette 2.2 - 'detail.php' SQL Injection

source: https://www.securityfocus.com/bid/28859/info XOOPS Recette is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

Remote file inclusion

PHP remote file inclusion vulnerability in modules/basicfog/basicfogfactory.class.php in PhpBlock A8.4 allows remote attackers to execute arbitrary PHP code via a URL in the PATHTOCODE parameter...

phpblock-rfi.txt

Script Name : PHP Block a8.4 Download : http://sourceforge.net/project/downloading.php?groupid=186381&usemirror=surfnet&filename=a8.4.zip&73507325 Error : includeonce $PATHTOCODE."/script/fonction.php"; Vul Code :...

SA-2008-023 - Ubercart - Cross site scripting

During checkout in Ubercart enabled stores, customers have text fields in which to enter their address and order information. Some stores will have modules enabled that restrict what sort of values are accepted in these fields, but this is not the case for everyone. This provides an opportunity f...

Kill KV 2 0 0 8, Rising, etc. most of the mollusc-vulnerability warning-the black bar safety net

Article author: sudami [email protected] Information source: evil octal information security team www.eviloctal.com） Original source: http://hi.baidu.com/sudami/blog/item/a0f114dac68fe3dfb6fd481a.html Preface: Writing this article is not to spread the virus technology,but for the majority of compute...

exv2webchat-sql.txt

Powered by eXV2 WebChat 1.60 SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORKS 1 : allinurl :"modules/WebChat" EXPLOIT 1 :...

exv2viso-sql.txt

Powered by eXV2 Viso 2.03 SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORKS 1 : allinurl :"modules/viso" EXPLOIT 1 :...

PT-2008-2889 · Php Nuke · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke affected versions not specified Description: A SQL injection issue exists, allowing remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the cat parameter in a viewcat action to modules.php...

CVE-2008-1060

Eval injection vulnerability in modules/execute.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via the text parameter...

Debian: Security Advisory (DSA-1505-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1505-1 (alsa-driver)

The remote host is missing an update to alsa-driver announced via advisory DSA 1505-1. OpenVAS Vulnerability Test $Id: deb15051.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1505-1 alsa-driver Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

php-nuke Kuran SQL Injection(surano)

php-nuke Kuran SQL Injectionsurano AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl: "modules php name Kuran"surano DORK 2 : allinurl: "modules php name Kuran" EXPLOIT : admin...

[SECURITY] [DSA 1505-1] New alsa-driver packages fix kernel memory leak

------------------------------------------------------------------------ Debian Security Advisory DSA-1505 [email protected] http://www.debian.org/security/ dann frazier February 22, 2008 http://www.debian.org/security/faq -...

phpnukemanuales-sql.txt

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= PHP-NUKE Modules Manuales v0.1 Remote SQL Injection =-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= Found: xoron contact: [email protected] only e-mail...

PHP-Nuke Modules Manuales 0.1 (cid) SQL Injection Vulnerability

No description provided by source. =-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= PHP-NUKE Modules Manuales v0.1 Remote SQL Injection =-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= Found: xoron contact: [email protected] only e-mail...

PHP-Nuke Modules Manuales 0.1 - 'cid' SQL Injection

=-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= PHP-NUKE Modules Manuales v0.1 Remote SQL Injection =-==-==-==-==-==-==-==X==O==R==O==N==-==-==-==-==-==-==-==-==-==-==-= Found: xoron contact: [email protected] only e-mail...

PHP-Nuke Modules Manuales 0.1 (cid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications =============================================================== PHP-Nuke Modules Manuales 0.1 cid SQL Injection Vulnerability ===============================================================...