Groone's Simple Contact Form (abspath) RFI Vulnerability

Exploit for php platform in category web applications ======================================================== Groone's Simple Contact Form abspath RFI Vulnerability ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0...

migascms "Xinha" Plugin Configuration Injection Vulnerability

Exploit for php platform in category web applications ============================================================= migascms "Xinha" Plugin Configuration Injection Vulnerability =============================================================...

Authentication flaw

EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts...

CVE-2009-4801

CVE-2009-4801 affects EZ-Blog Beta 1. The vulnerability is an authentication bypass: remote attackers can craft requests to PHP scripts to create or delete arbitrary posts due to missing access control. Root cause is lack of authentication on post-manipulation endpoints, enabling network-based, u...

CVE-2009-4801

EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts...

CVE-2009-4685

Cross-site scripting XSS vulnerability in celebrities.php in PHP Scripts Now Astrology allows remote attackers to inject arbitrary web script or HTML via the day parameter...

CVE-2009-4685

Cross-site scripting XSS vulnerability in celebrities.php in PHP Scripts Now Astrology allows remote attackers to inject arbitrary web script or HTML via the day parameter...

CVE-2009-4685

Technical details about CVE-2009-4685 are not publicly provided in the supplied documents. Monitor for updates; the available sources only reiterate that it is a Cross-site Scripting vulnerability in celebrities.php and the day parameter, without deeper technical data.

MediaWiki Parser Script Insertion (CVE-2006-2611)

A Wiki is generally referred to a collaborative online system that allows many users to easily contribute content by creating web pages that have a common look and feel and that may be changed and revised at any time. MediaWiki is a popular implementation of the Wiki system. It uses a number of P...

odlican.net CMS 1.5 - Arbitrary File Upload

odlican.net cms v.1.5 remote file upload vulnerability Author: Anonymous you can download following cms here http://cms.odlican.net/files/cmsv1-5.zip Info:odlican.net cms v.1.5 is simple opensource cms made by croatian web designers and it has serious flaw. dork:Powered by odlican.net cms v.1.5...

Odlican CMS 1.5 File Upload

odlican.net cms v.1.5 remote file upload vulnerability Author: REMOVED AT REQUEST OF AUTHOR you can download following cms here http://cms.odlican.net/files/cmsv1-5.zip Info:odlican.net cms v.1.5 is simple opensource cms made by croatian web designers and it has serious flaw. dork:Powered by...

Evernew Free Joke Script SQL Injection

/ Name : Evernew Free Joke Script viewjokes.php SQL Injection WebSite : www.evernewscripts.com Download : http://www.evernewscripts.com/free-php-scripts/jokescript1.2.zip Author : Hamza 'MizoZ' N. Email : [email protected] Greetz : Zuka , int0x80 , geeksec.com ... a loot / VULN CODE -- viewjokes.p...

Serendipity < 1.5 File Extension Processing Arbitrary File Upload Vulnerability

Serendipity is prone to arbitrary file upload vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:s9y:serendipity";...

Simple PHP Blog &lt;= 0.5.1 Local File Include vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored...

Simple PHP Blog 0.5.1 Local File Inclusion

============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored ============================================= I. VULNERABILITY...

CVE-2009-2884

Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to inject arbitrary web script or HTML via the rank parameter...

CVE-2009-2888

SQL injection vulnerability in index.php in PHP Scripts Now Hangman allows remote attackers to execute arbitrary SQL commands via the n parameter...

CVE-2009-2885

SQL injection vulnerability in bios.php in PHP Scripts Now World's Tallest Buildings allows remote attackers to execute arbitrary SQL commands via the rank parameter...

CVE-2009-2890

Cross-site scripting XSS vulnerability in results.php in PHP Scripts Now Riddles allows remote attackers to inject arbitrary web script or HTML via the searchquery parameter...

CVE-2009-2887

Cross-site scripting XSS vulnerability in bios.php in PHP Scripts Now President Bios allows remote attackers to inject arbitrary web script or HTML via the rank parameter...