CVE-2007-3269

Multiple cross-site scripting XSS vulnerabilities in Papoo Light 3.6 before 20070611 allow remote attackers to inject arbitrary web script or HTML via 1 the URI in a GET request or 2 the Title field of a visitor comment, and 3 allow remote authenticated users to inject arbitrary web script or HTM...

CVE-2007-3269

Multiple cross-site scripting XSS vulnerabilities in Papoo Light 3.6 before 20070611 allow remote attackers to inject arbitrary web script or HTML via 1 the URI in a GET request or 2 the Title field of a visitor comment, and 3 allow remote authenticated users to inject arbitrary web script or HTM...

CVE-2007-3269

Papoo Light 3.6 before 20070611 is affected by multiple XSS vulnerabilities per CVE-2007-3269: an attacker can inject arbitrary script via (1) the URI in a GET request, (2) the Title field of a visitor comment, and (3) a message to another user. The note mentions that vector (2) might overlap CVE...

Papoo CMS - Multiple Cross Site Scripting

Papoo Content Management System Multiple Cross Site Scriptings Jun 12 2007 ------------------------------------------------------------------------------- Product Papoo Content Management System Vulnerable Versions Papoo Light 3.6 Vendor Status The Vendor was notified and the issue fixed. A patch...

Sql injection

SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478...

CVE-2007-2320

SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478...

CVE-2007-2320

Papoo vulnerable component: kontakt.php in Papoo 3.02 and earlier. The issue is an SQL injection manifested through the menuid parameter, allowing remote attackers to execute arbitrary SQL commands. This CVE is referenced alongside CVE-2005-4478, indicating a related vulnerability family in Papoo...

CVE-2007-2320

SQL injection vulnerability in kontakt.php in Papoo 3.02 and earlier allows remote attackers to execute arbitrary SQL commands via the menuid parameter, a different vector than CVE-2005-4478...

papoo-sql.txt

126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==1...

Papoo 3.02 (kontakt menuid) Remote SQL Injection Exploit

No description provided by source. ? / Autor: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. //dork: \"Help Contact Imprint Sitemap\" | \"powered by papoo\" | \"powered...

Papoo 3.02 - kontakt menuid SQL Injection

Papoo 3.02 - kontakt menuid SQL Injection 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==...

Papoo <= 3.02 (kontakt menuid) Remote SQL Injection Exploit

No description provided by source. ? / Autor: Kacper Contact: [email protected] Homepage: http://www.rahim.webd.pl/ Irc: irc.milw0rm.com:6667 devilteam Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM. //dork: "Help Contact Imprint Sitemap" | "powered by papoo" | "powered by cms papoo"...

Papoo <= 3.02 (kontakt menuid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== Papoo 126 $result.=" ."; else $result.=" ".$string$i; if strlen...

Papoo 3.02 - kontakt menuid SQL Injection

126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if...

Papoo CMS 3.2 - IBrowser Remote File Inclusion

Papoo CMS 3.2 - IBrowser Remote File Inclusion source: https://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...

Papoo CMS 3.2 - IBrowser Remote File Inclusion

source: https://www.securityfocus.com/bid/19807/info Papoo CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...

CVE-2006-3571

Multiple cross-site scripting XSS vulnerabilities in interna/hilfe.php in Papoo 3 RC3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 titel or 2 ausgabe parameters...

CVE-2006-3572

SQL injection vulnerability in forumthread.php in Papoo 3 RC3 and earlier allows remote attackers to execute arbitrary SQL commands via the msgid parameter...

CVE-2006-3572

The vulnerability CVE-2006-3572 affects Papoo 3 RC3 and earlier, specifically the forumthread.php component. The root cause is an SQL injection in the msgid parameter, which could allow remote attackers to execute arbitrary SQL commands. The issue is documented with a base CVSS v2 score of 7.5 (H...

CVE-2006-3571

CVE-2006-3571: Multiple cross-site scripting (XSS) flaws in Papoo 3 RC3 and earlier affect interna/hilfe.php. The vulnerability allows remote injection of arbitrary web script/HTML via the (1) titel and (2) ausgabe parameters. Impact described only as XSS without official patch details in the pro...