Lucene search
K

406 matches found

securityvulns
securityvulns
added 2003/05/21 12:0 a.m.42 views

ttCMS/ttForum multiple bugs

SQL injection via username in Profile.php. PHP injection in News.php, install.php...

3.2AI score
Exploits0References3Affected Software2
securityvulns
securityvulns
added 2003/04/23 12:0 a.m.43 views

[NGSEC-2003-5] YABB SE, remote command execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Next Generation Security Technologies http://www.ngsec.com Security Advisory Title: YABB SE, remote command execution. ID: NGSEC-2003-5 Application: YABB SE up to 1.5.1 Date: 04/22/2003 Status: Vendor contacted, new fixed version available. Platforms:...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2003/02/27 12:0 a.m.38 views

GOnicus System Administrator php injection

I. BACKGROUND The GOnicus System Administrator is a PHP based administration tool for managing accounts/systems in LDAP databases. Project homepage : http://www.gonicus.de II. DESCRIPTION A remote attacker can inject into GOsa arbitrary PHP code that executes under the privileges of the underlyin...

1.7AI score
Exploits0
exploitpack
exploitpack
added 2002/10/02 12:0 a.m.34 views

MySimpleNews 1.0 - PHP Injection

MySimpleNews 1.0 - PHP Injection source: https://www.securityfocus.com/bid/5865/info MySimpleNews allows users to enter news articles through a web interface. It will allow PHP code to be injected into URI parameters of the 'users.php' script, which will be stored into a MySimpleNews file...

Exploits0
Exploit DB
Exploit DB
added 2002/10/02 12:0 a.m.32 views

MySimpleNews 1.0 - PHP Injection

source: https://www.securityfocus.com/bid/5865/info MySimpleNews allows users to enter news articles through a web interface. It will allow PHP code to be injected into URI parameters of the 'users.php' script, which will be stored into a MySimpleNews file news.php3. The injected code may then be...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/06/18 12:0 a.m.58 views

malicious PHP source injection in phpBB

JCC Security Advisory June 16, 2002 malicious PHP source injection in phpBB Description phpBB is one of popular PHP bulletin board systems. When allowurlfopen = On and registerglobals = On in php.ini, phpBB has vulnerability because install.php contains dangerous codes. So an attacker can include...

7.4AI score
Exploits0
Rows per page
Query Builder