18 matches found
EUVD-2003-1539
Malware in sbrugna...
EUVD-2003-1538
Malware in sbrugna...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class MyABraCaDaWebRemoteFileIncludePOCBase: vulID = '63954' version = '1' vulDate = '2006-09-08' author = ' '...
CVE-2003-1549
Cross-site scripting XSS vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the makw parameter...
CVE-2003-1548
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message...
CVE-2003-1549
The CVE-2003-1549 entry describes a cross-site scripting (XSS) vulnerability in header.php of MyABraCaDaWeb 1.0.2 and earlier, exploitable via the ma_kw parameter. Root cause: insufficient input sanitization on ma_kw leading to script/HTML injection. Affected software: MyABraCaDaWeb prior to/incl...
CVE-2003-1548
The CVE-2003-1548 entry affects MyAbraCaDaWeb version 1.0.2 and earlier. The vulnerability is a path disclosure flaw: remote attackers can obtain installation path information via an error message triggered by an invalid IDAdmin or other parameter. This is a server-side information leak present i...
CVE-2006-4719
Multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the base parameter to 1 index.php or 2 pop.php...
CVE-2006-4719
CVE-2006-4719 describes multiple PHP remote file inclusion vulnerabilities in MyABraCaDaWeb 1.0.3. When register_globals is enabled, an attacker can supply a URL via the base parameter to index.php or pop.php to execute arbitrary PHP code on the affected system. The documented impact is arbitrary...
MyABraCaDaWeb 1.0.3 - base Remote File Inclusion
MyABraCaDaWeb 1.0.3 - base Remote File Inclusion ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
No description provided by source. ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net...
MyABraCaDaWeb <= 1.0.3 (base) Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================= MyABraCaDaWeb = 1.0.3 base Remote File Include Vulnerabilities ================================================================= ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ----...
MyABraCaDaWeb 1.0.3 - 'base' Remote File Inclusion
ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ---- MyABraCaDaWeb v1.0.3 - Remote File Include Vulnerabilities site : http://www.comscripts.com/jump.php?action=script&id=272 Script : MyABraCaDaWeb v1.0.3 Credits : ERNE Contact : [email protected] and irc.gigachat.net kurdhack Thanks : BLaCKWHITE,...
CVE-2003-1549
Cross-site scripting XSS vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the makw parameter...
CVE-2003-1548
MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message...
MyAbraCadaWeb header.php ma_kw Parameter XSS
The remote host seems to be running MyAbraCadaWeb. An attacker may use it to perform a cross-site scripting attack on this host, or to reveal the full path to its physical location by sending a malformed request. %NASLMINLEVEL 70300 C Tenable Network Security, Inc Message-ID: From: "Gregory" Le...
[SCSA-010] Path Disclosure & Cross Site Scripting Vulnerability in MyABraCaDaWeb
Security Corporation Security Advisory SCSA-010 PROGRAM: MyABraCaDaWeb HOMEPAGE: http://www.webmaster-mag.net/ VULNERABLE VERSIONS: v1.0.2 and prior DESCRIPTION MyABraCaDaWeb is an other Content Management Systems like PHP-Nuke More informations at :...
MyABraCaDaWeb 1.0 - Full Path Disclosure
source: https://www.securityfocus.com/bid/7126/info MyABraCaDaWeb is reported to disclose path information in error messages when handling some invalid requests. This information could be useful in further attacks against a system hosting the software. http://www.example.com/index.php?IDAdmin=tes...