11 matches found
EUVD-2005-0327
Malware in sbrugna...
EUVD-2005-0725
Malware in sbrugna...
paFileDB 3.6 (search.php) Remote SQL Injection Vulnerability
No description provided by source. Site: http://www.phparena.net/pafiledb Description: SQL injection categories in includes/search.php Code: $results = $db-GetArray"SELECT FROM ".$dbPrefix."files WHERE ".$searchin." AND filecatid IN ".implode',',$POST'categories'.""; Comment:"ouuch" SQL: UNION...
paFileDB 3.5.2/3.5.3 Remote Login Bypass SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== paFileDB 3.5.2/3.5.3 Remote Login Bypass SQL Injection Vulnerability ==================================================================== PafileDB Login SQL injection =...
paFileDB31XSS.txt
Vulnerable System : paFileDB 3.1 and less exploit : http://target/pafiledb.php?action="alertdocument.cookie discovered by : neO SecurityGurus Team www.securitygurus.net...
PaFileDB.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dcrab 's Security Advisory http://icis.digitalparadox.org/dcrab http://www.hackerscenter.com/ Severity: Medium Title: PaFileDB Version 3.1 and below are exploitable via a XSS and a SQL injection vulnerability Date: 31/03/2005 Vendor: PhpArena Vendor...
[SECURITYREASON.COM] Mass Full Path Disclosure in paFileDB
-= SecurityReason-2005-SRA02 =- -= Mass Full Path Disclosure in paFileDB =- Author: sp3x Date: 12 March 2005 Affected software : =================== paFileDB version : =3.1 Description : ============= paFileDB is designed to allow webmasters have a database of files for download on their site. To...
CVE-2005-0327
pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php...
[PersianHacker.net] Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final
In the name of GOD Persianhacker.net Full Path Disclosure and PHP Injection In Pafiledb 3.1 Final PafileDB paFileDB is designed to allow webmasters have a database of files for download on their site. To add a download, all you do is upload the file using FTP or whatever method you use, log into...
CVE-2004-1551
Cross-site scripting XSS vulnerability in the 1 email or 2 file modules in paFileDB 3.1 Final allows remote attackers to execute arbitrary web script or HTML via the id parameter...
paFileDB sessions Directory Admin Hashed Password Disclosure
According to its version number, the remote installation of paFileDB is vulnerable to an attack that would allow the attacker to view the password hash of user accounts, including an administrator account, by making a direct request to the application's 'sessions' directory. This could allow an...