18 matches found
EUVD-2003-1539
Malware in sbrugna...
EUVD-2003-1538
Malware in sbrugna...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class MyABraCaDaWebRemoteFileIncludePOCBase: vulID = '63954' version = '1' vulDate = '2006-09-08' author = ' '...
CVE-2003-1549
The CVE-2003-1549 entry describes a cross-site scripting (XSS) vulnerability in header.php of MyABraCaDaWeb 1.0.2 and earlier, exploitable via the ma_kw parameter. Root cause: insufficient input sanitization on ma_kw leading to script/HTML injection. Affected software: MyABraCaDaWeb prior to/incl...
CVE-2003-1548
The CVE-2003-1548 entry affects MyAbraCaDaWeb version 1.0.2 and earlier. The vulnerability is a path disclosure flaw: remote attackers can obtain installation path information via an error message triggered by an invalid IDAdmin or other parameter. This is a server-side information leak present i...
CVE-2003-1549
Cross-site scripting XSS vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the makw parameter...
CVE-2003-1548
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message...
CVE-2006-4719
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to 1 index.php or 2 pop.php...
CVE-2006-4719
CVE-2006-4719 describes multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3. When register_globals is enabled, an attacker can supply a URL via the base parameter to index.php or pop.php to execute arbitrary PHP code on the affected system. The documented impact is arbitrary...
MyABraCaDaWeb 1.0.3 - base Remote File Inclusion
MyABraCaDaWeb 1.0.3 - base Remote File Inclusion ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and...
MyABraCaDaWeb 1.0.3 - 'base' Remote File Inclusion
ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE,...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
No description provided by source. ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================= MyABraCaDaWeb = 1.0.3 base Remote File Include Vulnerabilities ================================================================= ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ----...
CVE-2003-1548
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message...
CVE-2003-1549
Cross-site scripting XSS vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the makw parameter...
MyAbraCadaWeb header.php ma_kw Parameter XSS
The remote host seems to be running MyAbraCadaWeb. An attacker may use it to perform a cross-site scripting attack on this host, or to reveal the full path to its physical location by sending a malformed request. %NASLMINLEVEL 70300 C Tenable Network Security, Inc Message-ID: From: "Gregory" Le...
[SCSA-010] Path Disclosure & Cross Site Scripting Vulnerability in MyABraCaDaWeb
Security Corporation Security Advisory SCSA-010 PROGRAM: MyABraCaDaWeb HOMEPAGE: http://www.webmaster-mag.net/ VULNERABLE VERSIONS: v1.0.2 and prior DESCRIPTION MyABraCaDaWeb is an other Content Management Systems like PHP-Nuke More informations at :...
MyABraCaDaWeb 1.0 - Full Path Disclosure
source: https://www.securityfocus.com/bid/7126/info MyABraCaDaWeb is reported to disclose path information in error messages when handling some invalid requests. This information could be useful in further attacks against a system hosting the software. http://www.example.com/index.php?IDAdmin=tes...