19 matches found
EUVD-2007-1098
Malware in sbrugna...
PhotoStand 1.2 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22707/info PhotoStand is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the...
PhotoStand 1.2.0 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, Osirys osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStand is...
PhotoStand 1.2.0 - Remote Command Execution
!/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, "Osirys" osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStand is vulnerable to SQL Injection, AUTH BYPAS...
PhotoStand 1.2.0 Remote Command Execution Exploit
Exploit for unknown platform in category web applications ================================================= PhotoStand 1.2.0 Remote Command Execution Exploit ================================================= !/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command...
PhotoStand 1.2.0 Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, "Osirys" osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStand is...
PhotoStand 1.2.0 Command Execution
!/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, "Osirys" osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStand is vulnerable to SQL Injection, AUTH BYPAS...
PhotoStand 1.2.0 - Remote Command Execution
PhotoStand 1.2.0 - Remote Command Execution !/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, "Osirys" osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStan...
Design/Logic Flaw
Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' quote character in 1 a PHPSESSID cookie or 2 the id parameter in an article action in index.php, which reveal the path in various error messages...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Photostand 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 message "comment" or 2 name field, or the 3 q parameter in a search action in index.php...
CVE-2007-1102
Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' quote character in 1 a PHPSESSID cookie or 2 the id parameter in an article action in index.php, which reveal the path in various error messages...
CVE-2007-1101
Multiple cross-site scripting XSS vulnerabilities in Photostand 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 message "comment" or 2 name field, or the 3 q parameter in a search action in index.php...
CVE-2007-1101
Multiple cross-site scripting XSS vulnerabilities in Photostand 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 message "comment" or 2 name field, or the 3 q parameter in a search action in index.php...
CVE-2007-1102
Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' quote character in 1 a PHPSESSID cookie or 2 the id parameter in an article action in index.php, which reveal the path in various error messages...
CVE-2007-1101
CVE-2007-1101 covers multiple cross-site scripting (XSS) vulnerabilities in Photostand 1.2.0. The flaws allow remote attackers to inject arbitrary web script or HTML via the (1) message/comment field, (2) name field, or (3) q parameter in the search action of index.php. The reports do not specify...
CVE-2007-1102
CVE-2007-1102 affects Photostand 1.2.0. The vulnerability allows remote attackers to obtain sensitive information through the string "'" in either a PHPSESSID cookie or the id parameter in index.php’s article action, causing error messages to reveal internal paths. According to NVD, the issue yie...
Photostand_1.2.0 Multiple Cross Site Scripting
Photostand1.2.0 Multiple Cross Site Scripting Vendor site : http://www.photostand.org/ Global risk : medium XSS ----- + Permanents Message & name fields are vulnerable to xss attacks. This kind of xss are pretty dangerous,because anyone who see the page gone get his cookie stolen and sended to th...
PhotoStand 1.2 - index.php Cross-Site Scripting
PhotoStand 1.2 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/22707/info PhotoStand is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
PhotoStand 1.2 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/22707/info PhotoStand is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in t...