4534 matches found
PT-2006-6587 · Exporia · Exporia
Name of the Vulnerable Software and Affected Versions: Exporia version 0.3.0 Description: A remote file inclusion issue in common.php allows remote attackers to execute arbitrary PHP code via a URL in the lan parameter. However, it's noted that further analysis by SecurityFocus disputes this issu...
[KAPDA::#61] - PacPoll <= 4.0 Multiple Vulnerabilities
KAPDA New advisory Vulnerable product : PacPoll = 4.0 Vendor: http://www.pacosdrivers.com/asp/poll/poll.asp Vulnerability: Admin Logon bypass , SQLInjection Date : -------------------- Found : 2006/10/10 Vendor Contacted : N/A Release Date : 2006/10/25 Vulnerabilities: -------------------- Admin...
phpBB Insert User Mod 0.1.2 - Remote File Inclusion
phpBB Insert User Mod 0.1.2 - Remote File Inclusion !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip use IO::Socket; use LWP::Simple;...
simpleboard110.txt
World Defacers Team ====================================== --------------------Summary---------------- eVuln ID: WD23 Vendor: SimpleBoard Mambo Component 1.1.0 Vendor's Web Site: mamboxchange.com/projects/simpleboard Class: Remote PoC/Exploit: Available Solution: Not Available Discovered by:...
cutenews13.txt
Welcome people In World Defacers Team World Defacers Team ====================================== --------------------Summary---------------- eVuln ID: WD22 Vendor: CuteNews 1.3. Vendor's Web Site: http://cutephp.com/ Software: Live Customer Support Solution :- http://www.pansionat.net/novost/...
PHP Live! 3.2.1 - help.php Remote File Inclusion
PHP Live! 3.2.1 - help.php Remote File Inclusion Advisory: PHPLive 3.2 Remote Injection Vulnerability Release Date: 2006/07/23 Author: magnific Discovered: aneurysm.inc security reserach Risk: High Vendor Status: not contacted | no patch available Vendor Site: www.osicodes.com Contact:...
[KAPDA::#44] - NewsCMSLite Login ByPass by Cookie
KAPDA::44 - NewsCMSLite Login ByPass by Cookie Vulnerability KAPDA New advisory Vulnerable product : NewsCMSLite Vendor: http://www.katywhitton.com Vulnerability: Authentication Flaw in 'newsadmin.asp' Lets Remote User Gain Administrative Access . Date : -------------------- Found : 2006/05/21...
Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC
Exploit for multiple platform in category dos / poc =========================================================================== Mozilla Firefox var textarea = document.getElementsByName"xOtherInfo"; textarea=textarea.item0; var htmlarea = document.createElement"div"; htmlarea.className =...
Mozilla Firefox <= 1.5.0.2 (js320.dll/xpcom_core.dll) Denial of Service PoC
No description provided by source. !-- --------------------------------------------------- Software: Firefox Web Browser Tested: Linux, Windows clients' version 1.5.0.2 Result: Firefox Remote Code Execution and Denial of Service - Vendor contacted, no patch yet. Problem: A handling issue exists i...
[eVuln] MWGuest XSS Vulnerability
New eVuln Advisory: MWGuest XSS Vulnerability http://evuln.com/vulns/122/summary.html --------------------Summary---------------- eVuln ID: EV0122 Vendor: Manic Web Software: MWGuest Sowtware's Web Site: http://www.manicweb.co.uk/ Versions: 2.1.0 Critical Level: Harmless Type: Cross-Site Scriptin...
[eVuln] CzarNews XSS and Multiple SQL Injection Vulnerabilities
New eVuln Advisory: CzarNews XSS and Multiple SQL Injection Vulnerabilities http://evuln.com/vulns/118/summary.html --------------------Summary---------------- eVuln ID: EV0118 CVE: CVE-2006-1640 CVE-2006-1641 Software: CzarNews Sowtware's Web Site: http://www.czaries.net/scripts/ Versions: 1.14...
CanfTool v1.1 Cross Site Scripting Attack
Cross Site Scripting Attack CanfTool v1.1 ========================================= Description : Conftool is a Web-based online system that was developed to supports many administrative tasks of conferences, workshops and seminars. It can help to make the management of events easier and much mor...
[eVuln] Maian Weblog Multiple SQL Injection Vulnerabilities
New eVuln Advisory: Maian Weblog Multiple SQL Injection Vulnerabilities http://evuln.com/vulns/101/summary.html --------------------Summary---------------- eVuln ID: EV0101 CVE: CVE-2006-1334 Software: Maian Weblog Sowtware's Web Site: http://www.maianscriptworld.co.uk/ Versions: 2.0 Critical...
[eVuln] Vegas Forum SQL Injection Vulnerability
New eVuln Advisory: Vegas Forum SQL Injection Vulnerability http://evuln.com/vulns/90/summary.html --------------------Summary---------------- eVuln ID: EV0090 CVE: CVE-2006-1020 Software: Vegas Forum Sowtware's Web Site: http://www.battlereports.com/downloads.php Versions: 1.0 Critical Level:...
[eVuln] Skate Board Multimple Vulnerabilities
New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...
EV0076.txt
New eVuln Advisory: Guestex Shell Command Execution Vulnerability http://evuln.com/vulns/76/summary.html --------------------Summary---------------- eVuln ID: EV0076 CVE: CVE-2006-0777 Software: Guestext Sowtware's Web Site: http://www.teca-scripts.com/ Versions: 1.0 Critical Level: Dangerous Typ...
[eVuln] Magic Downloads Unauthorized Data Modification
New eVuln Advisory: Magic Downloads Unauthorized Data Modification http://evuln.com/vulns/73/summary.html --------------------Summary---------------- eVuln ID: EV0073 CVE: CVE-2006-0722 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com Software: Magic Downloads Sowtware's Web...
EV0063.txt
New eVuln Advisory: PHP Event Calendar XSS & User's Data Corruption Vulnerabilities http://evuln.com/vulns/63/summary.html --------------------Summary---------------- eVuln ID: EV0063 CVE: CVE-2006-0657 Vendor: Softcomplex Vendor's Web Site: http://www.softcomplex.com/ Software: PHP Event Calenda...
[eVuln] phphg Guestbook Multiple Vulnerabilities
New eVuln Advisory: phphg Guestbook Multiple Vulnerabilities http://evuln.com/vulns/58/summary.html --------------------Summary---------------- eVuln ID: EV0058 CVE: CVE-2006-0602 CVE-2006-0603 CVE-2006-0604 Vendor: Hinton Design Vendor's Web Site: http://www.hintondesign.org Software: phphg...
UebiMiauXSS.txt
I.Vulnerability UebiMiau Webmail System Cross Site Scripting Vulnerability II.Vendor Aldoir Ventura III.Affected Systems UebiMiau 2.7.9 latest release and probably previous versions. IV.About UebiMiau is a simple, yet efficient mail reader webmail supporting both IMAP and POP3 without dependence ...