CarLine Forum Russian Board 4.2 new.php name_ig_array1[1] Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting, and HTML injection attacks. Forum Russian Board 4.2 ...

Basic Forum by JM LLC - Multiple Vulnerabilities

Basic Forum by JM LLC - Multiple Vulnerabilities Dear Offensive Security, I have discovered some vulnerabilities in Basic Forum, developed by JM LLC. Best regards, Sp3ctrecore ADVISORY ================================================ Basic Forum by JM LLC - Multiple Vulnerabilities...

CVE-2012-4393

Multiple cross-site request forgery CSRF vulnerabilities in ownCloud before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users for requests that use 1 addBookmark.php, 2 delBookmark.php, or 3 editBookmark.php in bookmarks/ajax/; 4 calendar/delete.php, 5 calendar/edit.php...

CVE-2010-5012

SQL injection vulnerability in new.php in DaLogin 2.2 and 2.2.5 allows remote attackers to execute arbitrary SQL commands via the id parameter. NOTE: some of these details are obtained from third party information...

WordPress WPtouch Plugin <= 1.9.20 - XSS

Because of this vulnerability in lib/includes/auth.inc.php, the attackers can inject arbitrary web script or HTML via the "wptouchsettings" parameter to include/adsense-new.php. Solution Update the plugin...

F3Site2009 Multiple LFI Exploit

Exploit for unknown platform in category web applications =============================== F3Site2009 Multiple LFI Exploit =============================== Exploit Title: F3Site2009 Multiple LFI Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/f3site/ Version: N/A...

F3Site2009 Local File Inclusion

Exploit Title: F3Site2009 Multiple LFI Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/f3site/ Version: N/A Tested on: GNU/LINUX Code poll.php : iffileexists'./cache/poll'.$GLOBALS'nlang'.'.php': include'./cache/poll'.$GLOBALS'nlang'.'.php'; 3xplo!t :...

SiSplet CMS 2008-01-24 - Multiple Remote File Inclusions

SiSplet CMS 3rr0r 2: ./SiSplet-2008-01-24/main/forum/komentar.php line 3 PoC : http://target/path/main/anketa/new.php?sitepath=Shell http://target/path/main/forum/komentar.php?sitepath=Shell Contact Me : cr4wl3r4tlinuxmaildotorg...

Dow Group - new.php SQL Injection

Dow Group - new.php SQL Injection ===================================== | Dow Group admin by pass new.php ===================================== Author:ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"powered and designed by Dow Group" demo username:...

Dow Group - &#039;new.php&#039; SQL Injection

===================================== | Dow Group admin by pass new.php ===================================== Author:ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"powered and designed by Dow Group" demo username:...

Dow Group (new.php) SQL Injection

Exploit for unknown platform in category web applications ================================= Dow Group new.php SQL Injection ================================= ===================================== | Dow Group admin by pass new.php ===================================== Author:ProF.Code...

Wordpress 2.7.0 admin remote code execution vulnerability-vulnerability warning-the black bar safety net

by Ryatpuretot mail: puretot at gmail dot com team: http://www.80vul.com date: 2008-12-18 Analysis: This vulnerability out in the background: wp-admin/post.php if currentusercan'editpost', $postID if $last = wpcheckpostlock $post-ID $lastuser = getuserdata $last ; $lastusername = $lastuser ?...

Arbitrary file edit, Local file include, Directory traversal and Full path disclosure in WordPress

Здравствуйте 3APA3A! Сообщаю вам о найденной мною Arbitrary file edit, Local file include, Directory traversal и Full path disclosure уязвимостях в WordPress. Дыры в файле templates.php в параметрах file и page и файлах edit-pages.php, categories.php, edit-comments.php, moderation.php, post.php и...

indexu-xss.txt

vulnerability script indexu all versions Found by :SwEET-DeViL & viP HaCkEr & HaCkEr sUn TeaM AL-GaRNi Application : indexu version : all versions URL : http://www.nicecoder.com/ google : "Powered by INDEXU 5." Exploits : |//1\| in upgrade.php...

vulnerability script indexu all versions

vulnerability script indexu all versions Found by :SwEET-DeViL & viP HaCkEr & HaCkEr sUn TeaM AL-GaRNi Application : indexu version : all versions URL : http://www.nicecoder.com/ google : "Powered by INDEXU 5." Exploits : |//1| in upgrade.php...

CarLine Forum Russian Board 4.2 - new.php Multiple Cross-Site Scripting Vulnerabilities

CarLine Forum Russian Board 4.2 - new.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/14045/info Forum Russian Board is prone to multiple input validation vulnerabilities. These issues can allow attackers to carry out SQL Injection, cross-site scripting...