52 matches found
SiteX CMS 0.7.4 beta (/photo.php) SQL-Injection exploit
No description provided by source. ?php echo "\n\n\n"; echo " \n"; echo " Product: SiteX CMS 0.7.4 beta /photo.php SQL-Injection exploit \n"; echo " Usage: php.exe sitex.php www.site.com /cmspath/ \n"; echo " Require: Magicquotes = off \n"; echo " Author: Sc0rpi0n RUS http://scorpion.su \n"; echo...
SiteX CMS 0.7.4 Beta - 'photo.php' SQL Injection
?php echo "\n\n\n"; echo " \n"; echo " Product: SiteX CMS 0.7.4 beta /photo.php SQL-Injection exploit \n"; echo " Usage: php.exe sitex.php www.site.com /cmspath/ \n"; echo " Require: Magicquotes = off \n"; echo " Author: Sc0rpi0n RUS http://scorpion.su \n"; echo " Special for Antichat...
SiteX CMS 0.7.4 beta (photo.php) SQL-Injection exploit
Exploit for php platform in category web applications ====================================================== SiteX CMS 0.7.4 beta photo.php SQL-Injection exploit ====================================================== ?php echo "\n\n\n"; echo " \n"; echo " Product: SiteX CMS 0.7.4 beta /photo.php...
CVE-2009-0446
SQL injection vulnerability in photo.php in WEBalbum 2.4b allows remote attackers to execute arbitrary SQL commands via the id parameter...
WEBalbum 2.4b (photo.php id) Blind SQL Injection Exploit
No description provided by source. ?php iniset"maxexecutiontime",0; printr' WEBalbum v2.4b Blind SQL Injection Exploit Some webpages have a diffirint table name ---- xoron ----- [email protected] XORON c 2009 WARNING!: php xoron.php "http://www.web-album.org/PATH/photo.php?id=1" '; if $argc 1 $ur...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in FlatnuX CMS aka Flatnuke3 2008-12-11 allow remote attackers to inject arbitrary web script or HTML via 1 the mod parameter to the default URI; 2 the foto parameter to photo.php in the 05Foto module; or 3 the name parameter in an insertrecord...
CVE-2008-4348
SQL injection vulnerability in photo.php in PHPortfolio, possibly 1.3, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2008-4348
PHPortfolio is affected by a SQL injection in photo.php (likely version ~1.3). The vulnerability enables remote attackers to inject SQL via the id parameter, potentially leading to arbitrary SQL execution. Public references include a known Exploit-DB entry (17316) and advisories citing the issue....
QuicO - 'photo.php' SQL Injection
source: https://www.securityfocus.com/bid/31154/info QuicO is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, o...
Unfixed XSS vulnerability at www.bit.te.ua
Security researcher THEMILLER, has submitted on 02/08/2008 a cross-site-scripting XSS vulnerability affecting www.bit.te.ua, which at the time of submission ranked 29207 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2008. It is currentl...
CVE-2005-0776
CVE-2005-0776 affects PhotoPost PHP 5.0 RC3, where adm-photo.php does not properly verify administrative privileges before manipulating photos. This could allow remote attackers to modify other users’ photos. The vulnerability details are described in multiple sources (e.g., NVD entry), but the p...
CVE-2005-0776
adm-photo.php in PhotoPost PHP 5.0 RC3 does not properly verify administrative privileges before manipulating photos, which could allow remote attackers to manipulate other users' photos...