2daybiz online classified system SQLi AND XSS Vulnerability

No description provided by source. Name : 2daybiz online classified system SQLi AND XSS Vulnerability Date : june, 16 2010 Vendor url :http://www.2daybiz.com/onlineclassifiedscript.html Critical Level : HIGH Author : Sid3^effects aKa HaRi shellc99atyahoo.com special thanks to : r0073r...

Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV89$2008 ----------------------------------------------------------------------------------------- ECHOADV89$2008 Softbiz Web Host Directory Script searchresult.php hostid...

LoudBlog 0.41 index.php template Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...

PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability

No description provided by source. == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP 3-5 Ini_Restore() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19933/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This...

LoudBlog 0.41 backend_settings.php language Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...

Tours Manager 1.0 - (cityview.php cityid) SQL Injection Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THE NAME OF ALLAH -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Tour...

iDev Rentals 1.0 - Multiple Vulnerabilities

No description provided by source. Title: ====== iDev Rentals v1.0 - Multiple Web Vulnerabilities Date: ===== 2012-11-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=760 VL-ID: ===== 758 Common Vulnerability Scoring System: ==================================== 3.5...

Gallery 1.4 index.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8814/info It has been reported that Gallery is prone to a remote file include vulnerability in the index.php script file. The problem occurs due to the program failing to verify the location in which it includes the...

Orbis CMS 1.0.2 - Arbitrary File Upload Vulnerability

No description provided by source. 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticat...

Astium VoIP PBX <= 2.1 build 25399 - Multiple Vulns Remote Root Exploit

No description provided by source. !/usr/bin/python +--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Astium VoIP PBX = v2.1 build 25399 Multiple Vulns Remote Root Exploit Date : 01-02-2012 Author :...

Proxyroll.com Clone PHP Script Cookie Handling Vulnerability

No description provided by source. Exploit Title: Proxyroll.com Clone PHP Script Cookie Handling And Tamper Data Date: 02.01.2010 Author: DigitALL Thanks: Zombie KroNicKq NoFear and All 1923Turk.biz Members Version: 1.0 Code : This Site Go To /advertise.php and Paypal Buton Click and Firefox Tamp...

Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been...

myphpPageTool 0.4.3 -1 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6744/info myphpPageTool is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in several PHP script files in the /doc/admin folder. Under some circumstance...

Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' | \\ | \\ | \ . . |\ \ \ /\ \ / /| || | | | | \ | \ Y / | || | | \ | \ \ / | || | |/ // / / ||| \ | / / \ / \ |\ /\ / / \ / \ | | | | / /\ \ / \ / \ | | | | / | / Y \ || / /| /| /...

gBook 1.4 Administrative Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6033/info A vulnerability has been discovered in gBook v1.4. It has been reported that it is possible for an unauthorized attacker to gain administrative access to gBook by passing a malicious request to a php script...

AutoIndex PHP Script (index.php) Directory Traversal Vulnerability

No description provided by source...

AutoIndex PHP Script 2.2.1 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25448/info AutoIndex PHP Script is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...

AutoIndex PHP Script 2.2.2 PHP_SELF Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...

AutoIndex PHP Script 2.2.2/2.2.3 Index.PHP Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/26410/info AutoIndex PHP Script is prone to a remote denial-of-service vulnerability because the application fails to properly handle unexpected input. Successfully exploiting this issue allows remote attackers to consume...