Gallery MX 2.0.0 (pics_pre.asp ID) Blind SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Gallery MX 2.0.0 picspre.asp ID Blind SQL Injection Vulnerability ==================================================================== Tybe:picspre.asp ID Blind SQL...

CVE-2008-2477

CVE-2008-2477 describes a SQL injection vulnerability in the MX-System/MxBB Portal 2.7.3, specifically in index.php where the vulnerable input is the page parameter. The underlying issue is improper handling of user-supplied input in constructing SQL queries, enabling remote attackers to execute ...

MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability

No description provided by source. Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC :...

mxsystem-sql.txt

Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC : http://target/path/index.php?page=-1+union+select+1,2,3,4,5,concatwschar58,version,user,now/...

MX-System 2.7.3 - index.php SQL Injection

MX-System 2.7.3 - index.php SQL Injection Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC :...

MX-System 2.7.3 - 'index.php' SQL Injection

Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC : http://target/path/index.php?page=-1+union+select+1,2,3,4,5,concatwschar58,version,user,now/...

MX-System 2.7.3 (index.php page) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications =================================================================== MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability =================================================================== Name : MX-System 2.7.3 index.php page...

Adobe Flash CS3 Professional / Macromedia Flash MX code execution

Multiple code execution vulnerabilities on .FLV files parsing...

Imperva SecureSphere 5.0 - Cross-Site Scripting

Imperva SecureSphere 5.0 - Cross-Site Scripting source: https://www.securityfocus.com/bid/28279/info Imperva SecureSphere is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitra...

CVE-2008-0644

Adobe ColdFusion MX 7.x (7.00, 7.01, 7.02) and ColdFusion 8 are affected by a cross‑site scripting bypass via the setEncoding function. The Seebug entry confirms remote attackers can trigger XSS through inadequate handling of CGI variables and setEncoding, with the impact being bypassed XSS prote...

CVE-2003-1469

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message...

CVE-2003-1469

The CVE: CVE-2003-1469 affects Macromedia ColdFusion MX. The default configuration enables Robust Exception Information, which allows remote attackers to obtain the web server’s full path via a direct request to CFIDE/probe.cfm, leaking the path in an error message. Affected component is the CFID...

mxbb233-rfi.txt

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + mxBB Module mxglance 2.3.3 Remote File Include Vulnerability + + + + Discovered by bd0rk || SOH-Crew + + + + www.soh-crew.it.tt + + + + The german Coding and IT-Security Ressource + + +...

Immunity Canvas: ADMINBOT_INCLUDE

Name| adminbotinclude ---|--- CVE| CVE-2007-2986 Exploit Pack| CANVAS Description| AdminBot-MX Remote file inclusion Notes| References: http://www.securityfocus.com/bid/24231 CVE Name: CVE-2007-2986 VENDOR: Nexen Notes: None Repeatability: Infinite Date public: 05/30/07 CERT Advisory: None CVE Ur...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/livestatus.lib.php in AdminBot MX 9.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter...

CVE-2007-2986

PHP remote file inclusion vulnerability in lib/livestatus.lib.php in AdminBot MX 9.0.5 allows remote attackers to execute arbitrary PHP code via a URL in the ROOT parameter...

CVE-2007-2986

AdminBot MX 9.0.5 contains a PHP remote file inclusion vulnerability in lib/live_status.lib.php where the ROOT parameter can be used to load arbitrary PHP code, enabling remote code execution. Exploitation details and references are listed (e.g., Exploit-DB, X-Force). The documents do not specify...

adminbot-rfi.txt

AdminBot-MX Remote file inclusion Download script : http://download.nexen.org/tools/adminbot/adminbothttp-mxb2.tar.gz Thanks Str0ke :D Exploit : http://127.0.0.1/adminbotpath/lib/livestatus.lib.php?ROOT=shell.txt? Discovered by ThE TiGeR MiroTigeratHotmail.com...

mxBB Module FAQ & RULES 2.0.0 Remote File Inclusion Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' mxBB Module MX Faq & Rules = 2.0.0 faq.php Remote File Include Exploit Vendor: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=371 Bug found and Exploit by bd0rk from SOH-Crew Website1:...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/adminalbumotf.php in the MX Smartor Full Album Pack FAP 2.0 RC1 module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...