48 matches found
EUVD-2006-2736
Malware in sbrugna...
EUVD-2007-4036
Malware in sbrugna...
EUVD-2008-5557
Malware in sbrugna...
EUVD-2007-2427
Malware in sbrugna...
Nukedit 4.9.x Login.ASP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25081/info Nukedit is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...
Nukedit CMS <= 4.9.6 Unauthorized Admin Add Exploit
No description provided by source. KAPDA - Security Science Researchers Institute Advisory : http://www.kapda.ir/advisory-337.html Vendor : http://www.nukedit.com/ What is : Nukedit is a Free Content Management Vulnerability : Unauthorized Admin Add Exploit if register.asp be enable! Discovered :...
Nukedit 4.9.8 - Remote Database Disclosure Vulnerability
No description provided by source. Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit: Cyber.Zer0 Cyber.Zer04tHotmaildotcom Download: http://www.nukedit.com/content/Download.asp Remote: Yes Dork: Powered by Nukedit --=Database Disclosure=-- http://target.com/database/dbsite.mdb...
CVE-2008-5773
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb...
Improper access control
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb...
CVE-2008-5773
The CVE-2008-5773 issue affects Nukedit 4.9.8, where the application stores the database file (dbsite.mdb) under the web root with insufficient access control. This allows remote attackers to download the database via a direct request, potentially exposing usernames and passwords. Connected sourc...
CVE-2008-5773
Nukedit 4.9.8 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing usernames and passwords via a direct request for database/dbsite.mdb...
Nukedit Database Disclosure
Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit: Cyber.Zer0 Cyber.Zer04tHotmaildotcom Download: http://www.nukedit.com/content/Download.asp Remote: Yes Dork: "Powered by Nukedit" --=Database Disclosure=-- http://target.com/database/dbsite.mdb Live Demo...
Nukedit 4.9.8 Remote Database Disclosure Vulnerability
No description provided by source. Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit: Cyber.Zer0 Cyber.Zer04tHotmaildotcom Download: http://www.nukedit.com/content/Download.asp Remote: Yes Dork: "Powered by Nukedit" --=Database Disclosure=-- http://target.com/database/dbsite.md...
Nukedit 4.9.8 - Remote Database Disclosure
Nukedit 4.9.8 - Remote Database Disclosure Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit: Cyber.Zer0 Cyber.Zer04tHotmaildotcom Download: http://www.nukedit.com/content/Download.asp Remote: Yes Dork: "Powered by Nukedit" --=Database Disclosure=--...
Nukedit 4.9.8 Remote Database Disclosure Vulnerability
Exploit for unknown platform in category web applications ====================================================== Nukedit 4.9.8 Remote Database Disclosure Vulnerability ====================================================== Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit:...
Nukedit 4.9.8 - Remote Database Disclosure
Title: Nukedit 4.9.8 Remote Database Disclosure Vulnerability Credit: Cyber.Zer0 Cyber.Zer04tHotmaildotcom Download: http://www.nukedit.com/content/Download.asp Remote: Yes Dork: "Powered by Nukedit" --=Database Disclosure=-- http://target.com/database/dbsite.mdb Live Demo...
Sql injection
SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2008-5582
SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2008-5582
SQL injection vulnerability in utilities/login.asp in Nukedit 4.9.x, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the email parameter...
CVE-2008-5582
CVE-2008-5582: SQL injection in Nukedit 4.9.x (and possibly earlier) in utilities/login.asp via the email parameter. The ASP script does not sanitize input before using it in a database query, enabling unauthenticated remote attackers to manipulate queries and potentially disclose or modify data....