Smart PHP Subscriber Multiple Disclosure Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Smart PHP Subscriber Multiple Disclosure Vulnerabilities ========================================================...

No title provided

Directory traversal vulnerability in the ZipArchive::extractTo function in PHP 5.2.6 and earlier allows context-dependent attackers to write arbitrary files via a ZIP file with a file whose name contains .. dot dot sequences...

SocialEngine多个SQL注入漏洞

BUGTRAQ ID: 30342 SocialEngine是基于PHP的社会网络平台，允许在网站上创建社会网络。 在客户端认证期间，include/classuser.php文件没有正确地验证对seuser cookie参数的输入，include/classadmin.php文件没有正确的验证对seadmin参数的输入，这允许远程攻击者执行SQL注入攻击，无需有效的管理员凭据便以管理权限登录；此外SocialEngine没有正确地验证对模板数据的输入便储存到了模板中，远程攻击者可以注入并执行恶意PHP代码，导致完全控制服务器。 Webligo Developments...

vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1: XSS in modcp index

====================================================================== Advisory : XSS in modcp index Release Date : June 17th 2008 Application : vBulletin Version : vBulletin 3.7.1 PL1 and lower, vBulletin 3.6.10 PL1 and lower Platform : PHP Vendor URL : http://www.vbulletin.com/ Authors : Jessic...

security flaw

The zendhashinit function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service infinite loop by unserializing certain integer expressions, which only cause 32-bit arguments to be used after the check for a...

[MaxPatrol] SQL-injection in Ikonboard 3.1.x

MaxPatrol SQL-injection in Ikonboard 3.1.x Release Date: December 16, 2004 Date Reported: December 2, 2004 Severity: High Application: Ikonboard 3.1.x Affects versions: 3.1.0, 3.1.1, 3.1.2 and 3.1.3. Platform: PHP I. DESCRIPTION Input passed to the "st" and "keywords" parameters in "ikonboard.cgi...

[MaxPatrol] SQL-injection in Invision Power Board 2.x

SQL-injection in Invision Power Board 2.x MaxPatrol Security Advisory 11.18.04 November 18, 2004 Release Date: November 18, 2004 Date Reported: November 12, 2004 Severity: High Application: Invision Power Board v2.x Affects versions: IPB 2.0.0, IPB 2.0.1 and IPB 2.0.2. Platform: PHP I. DESCRIPTIO...

[Full-Disclosure] [Maxpatrol Security Advisory] Multiple vulnerabilities in DCP-Portal

Title: Maxpatrol Security Advisory Multiple vulnerabilities in DCP-Portal Date: 28.09.2004 Severity: Low Application: DCP-Portal, dcp-portal Platform: PHP I. DESCRIPTION -------------- Multiple vulnerabilities were found in DCP-Portal. A remote user can conduct cross-site scripting attacks and HT...

Information Disclosure Vulnerability in bitboard2

================================================ ------------------------------------------------ ------------www.bright-shadows.net------------ ------------------------------------------------ --------------theblacksheep&erik-------------- ------------------------------------------------...