853 matches found
openSite 0.2.2 Beta - Local File Inclusion
opensite-v0.2.2-beta: Local File Include vuln By n0n0x Homepage: http://priasantai.uni.cc/ Download script: http://sourceforge.net/projects/contentone/files/openSite/opensite-v0.2.2-beta/opensite-v0.2.2-beta.zip/download xpl :...
DEBIAN-CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to templatesimport.php; and allow remote...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote attackers to hijack the authentication of administrators for requests that change passwords via (1) apsetup.php, (2) psetup.php, (3) sslpsetup.php, or (4) mqsetup.php...
Joomla Autartitarot Directory Traversal
...BEGIN ADVISORY... TITLE: Joomla comautartitarot Directory Traversal Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON: LocalHost PRE-REQUIREMENTS:...
Cross-Site Scripting vulnerabilities in Invision Power Board
Hello 3APA3A! I want to warn you about new vulnerabilities in Invision Power Board. These are Cross-Site Scripting vulnerabilities. The attack works via an attachment: on a click on the attachment in a forum post, or on the link to this attachment. These are persistent XSS vulnerabilities. I know fo...
Gumblar Continues to Spread, Thousands of Sites Infected
Months after it first appeared on the scene, the Gumblar malware continues to infect thousands of servers across the Internet and is closing in on nearly 80,000 servers pointing to the hosts that are serving the malware. In just the last month, the number of servers redirecting users to the Gumbl...
Uploader 1.0 - File Hosting Script Shell Upload Vulnerability
Exploit for unknown platform in category web applications. Uploaderr 1.0 - File Hosting Script Shell Upload Vulnerability. Dork: "Instant Free File Uploader" Application:...
Sql injection
Multiple SQL injection vulnerabilities in FrontAccounting (FA) before 2.1.7, and 2.2.x before 2.2 RC, allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) admin/db/usersdb.inc, and various other .inc and .php files under (2) admin/, (3) dimensions/, (4) gl/, (5)...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in sample code in the XenServer Resource Kit in Citrix XenCenterWeb allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to config/edituser.php; (2) location, (3) sessionid, and (4) vmname parameters to console.php;...
GLSA-200909-14 : Horde: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200909-14 Horde: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Horde: Gunnar Wrobel reported an input sanitation and directory traversal flaw in framework/Image/Image.php, related to the 'HordeImage...
OpenPro Remote File Inclusion Vulnerability
This host is installed with OpenPro and is prone to Remote File Inclusion vulnerability. OpenVAS Vulnerability Test $Id: gbopenprofileincvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ OpenPro Remote File Inclusion Vulnerability Authors: Nikita MR Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
OpenPro Remote File Inclusion Vulnerability
OpenPro is prone to a remote file inclusion vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Sql injection
Multiple SQL injection vulnerabilities in Pligg 9.9 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to vote.php, which is not properly handled in libs/link.php; (2) id parameter to trackback.php; (3) an unspecified parameter to submit.php; (4) requestTitle...
Moa Gallery 1.2.0 - Multiple Remote File Inclusions
Moa Gallery 1.2.0 - Multiple Remote File Inclusions...
Directory traversal
Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter...
CVE-2008-6933
Directory traversal vulnerability in index.php in MiniGal b13 (aka MG2) allows remote attackers to read the source code of .php files, and possibly the content of other files, via a .. (dot dot) in the list parameter...
Almond Classifieds Cross Site Scripting
Information disclosure
KerviNet Forum 1.1 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) admin/head.php, or (2) votingdiagram.php, (3) voting.php, (4) topicssearch.php, (5) topicslist.php, (6) toppart.php, (7) quicksearch.php, (8) quickreply.php, (9) modermenu.php, (10) messageslist.php, (11)...
kervinet forum 1.1 - Multiple Vulnerabilities
dork: "Copyright KerviNet" eLwauxc 20.06.2009 Blind SQLinj /index.php if$COOKIE'userenter'=="auto" $enterlogin=$COOKIE'enterlogin'; $enterparol=$COOKIE'enterparol'; $mysql-query"SELECT name, pass,...
IceWarp Merak WebMail Server < 9.4.2 Multiple Vulnerabilities
The remote host is running IceWarp WebMail Server, a webmail server for Windows and Linux. According to its banner, the version of IceWarp installed on the remote host is earlier than 9.4.2. Such versions may reportedly be affected by multiple vulnerabilities: - A SQL injection vulnerability...