CVE-2007-6691

Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to 1 "hotlink protection" in the URL rewrite module, 2 a WebDAV view in the WebDAV module, 3 a comment view in the Comment module, 4 unspecified "item information disclosure attacks" in the Core modu...

CVE-2007-6691

Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to 1 "hotlink protection" in the URL rewrite module, 2 a WebDAV view in the WebDAV module, 3 a comment view in the Comment module, 4 unspecified "item information disclosure attacks" in the Core modu...

CVE-2007-6691

CVE-2007-6691 affects Menalto Gallery

CVE-2007-6691

Multiple unspecified vulnerabilities in Menalto Gallery before 2.2.4 have unknown impact, related to 1 "hotlink protection" in the URL rewrite module, 2 a WebDAV view in the WebDAV module, 3 a comment view in the Comment module, 4 unspecified "item information disclosure attacks" in the Core modu...

Debian: Security Advisory (DSA-580-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CORE FORCE Firewall 0.95.167 and Registry Modules - Multiple Local Kernel Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/27341/info CORE FORCE Firewall and Registry modules are prone to multiple local kernel buffer-overflow vulnerabilities because the software fails to adequately verify user-supplied input. Local attackers can exploit these issues to cause denial-of-service...

osData <= 2.08 Modules Php121 Local File Inclusion Vulnerability

No description provided by source. ========================================================================= osData = 2.08 Modules Php121 Local File Include Vulnerability ========================================================================= Found by : Cold z3ro , http://www.Hackteach.org/cc/...

osdata-lfi.txt

========================================================================= osData = 2.08 Modules Php121 Local File Include Vulnerability ========================================================================= Found by : Cold z3ro , http://www.Hackteach.org/cc/...

osData 2.08 Modules Php121 - Local File Inclusion

osData 2.08 Modules Php121 - Local File Inclusion ========================================================================= osData = 2.08 Modules Php121 Local File Include Vulnerability ========================================================================= Found by : Cold z3ro ,...

osData 2.08 Modules Php121 - Local File Inclusion

========================================================================= osData = 2.08 Modules Php121 Local File Include Vulnerability ========================================================================= Found by : Cold z3ro , http://www.Hackteach.org/cc/...

osData <= 2.08 Modules Php121 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================ osData = 2.08 Modules Php121 Local File Inclusion Vulnerability ================================================================...

Design/Logic Flaw

The bsystemcommentsshow function in htdocs/modules/system/blocks/systemblocks.php in XOOPS before 2.0.18 does not check permissions, which allows remote attackers to read the comments in restricted modules...

Tribisur 2.0 - SQL Injection

!/usr/bin/php -q And now the bugged code :- : So we can exploit it with this simple PoC: forum.php?action=liste&cat=-1+union+select+0,concatpseudo,0x3a,passe,0,0,0,0,0,0,0,0+from+utiliz+where+id=1 Bug 2 in catmain.php : So like the first we can exploit it with:...

blakord-sql.txt

--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Blakord Portal = 0 Exploit2: http://localhost/path/any module?id=1 and exists select from TABLE Example: http://localhost/path/any module?id=1 AND SELECT Count FROM users = 0 Example2:...

runcms-sqlids.txt

// / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / // / exploit get hash of admin password / / / / Exploit is invisible for / / RUNCMS sql injection detecting mechanism / // // / tested on RUNCMS english version 1.6 / // // / Date of Public EXPLOIT: December 25, 2007 / / Written by:...

runcms-sql.txt

// / RUNCMS 1.6 BLIND SQL Injection Exploit get Admin Cookie / // / exploit get admin cookie that can be used / / to login by pasting it into browser Opera / / and then get access to Admin session / / and change Admins password / / / // // / tested on RUNCMS english version 1.6 / // // / Date of...

CVE-2007-6545

Multiple cross-site scripting XSS vulnerabilities in RunCMS before 1.6.1 allow remote attackers to inject arbitrary web script or HTML via 1 the subject parameter to modules/news/submit.php; 2 the PATHINFO to modules/news/index.php, possibly related to the XoopsPageNav class; or 3 an avatar image...

Blakord Portal &lt;= Beta 1.3.A (all modules) SQL Injection Vulnerability

No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Blakord Portal = Beta 1.3.A all modules Blind Sql Injection +==-- --==+===================================================================================+==-- +...

Blakord Portal &lt;= Beta 1.3.A &#40;all modules&#41; Blind Sql Injection

Blakord Portal = Beta 1.3.A all modules Blind Sql Injection. + Info: Software: Blakord Portal HomePage: http://www.cdv3k.com Exploit: Blind Sql Injection High Where: All Modules Bug Found By: JosS / Jose Luis Gуngora Fernбndez Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com...

RunCMS 1.6 Remote Blind SQL Injection Exploit (IDS evasion)

Exploit for unknown platform in category web applications =========================================================== RunCMS 1.6 Remote Blind SQL Injection Exploit IDS evasion =========================================================== // / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / /...