50 matches found
IGNITION S.A.R.L. SQL Injection
Exploit Title: IGNITION s.a.r.l. SQL Injection. Author: Th4 MasK. Software Website: http://www.educomoverseas.com. Date: 14.02.2012. Platform: Php. Dork: Designed and powered by IGNITION s.a.r.l. Demo Site :...
ReVou MicroBlogging Script Auth Bypass Vulnerabilty
Exploit for php platform in category web applications. ReVou MicroBlogging Script Auth Bypass Vulnerabilty. Name: ReVou MicroBlogging Script Auth Bypass Vulnerabilty. Date: July 6, 2010. Critical...
[Full-disclosure] POWER PHLOGGER v.2.2.5 (username) SQL Injection
POWER PHLOGGER v.2.2.5 username SQL Injection Author: Attila Gerendi Darkz Date: June 25, 2007 Package: POWER PHLOGGER http://www.phpee.com/ Versions Affected: v.2.2.5 Other versions may also be affected Severity: SQL Injection Description: Input passed to the "username" parameter in "login.php"...
PCPIN Chat <= 5.0.4 (login/language) Remote Code Execution Exploit
Exploit for unknown platform in category web applications. PCPIN Chat works with magic_quotes_gpc = Off\r\n"; echo "dork: "powered by PCPIN.com"\r\n\r\n"; if $argc "" OR...
Linpha <= 1.0 multiple arbitrary local inclusion
Linpha <= 1.0 multiple arbitrary local inclusion. software: site: http://linpha.sourceforge.net/nuke/ description: " LinPHA is an easy to use, multilingual, flexible photo / image archive / album / gallery written in PHP. It uses a SQL database to store information...
runcms/e-xoops 1.1A and below file upload vulnerability
Products: runcms/e-xoops 1.1A http://www.runcms.org Summary: runcms/e-xoops 1.1A and below file upload vulnerability. Description: runcms/e-xoops is an extensible, OO (Object Oriented), easy to use dynamic web content management system written in PHP. runcms/e-xoops is the ideal tool for...
w-Agora Multiple Script Traversal Arbitrary File Access
The remote host is running w-agora, a web-based forum application written in PHP. The remote version of this software is prone to directory traversal attacks. A remote attacker could send a specially crafted URL to read arbitrary files from the remote system with the privileges of the web server...
W-Agora Multiple Input Validation Vulnerabilities
Binary data 2339.prm...
Qualiteam X-Cart Multiple Script perl_binary Parameter Arbitrary Command Execution
The remote host is running Qualiteam X-Cart - a shopping cart software written in PHP. There is a bug in this software that could allow an attacker to execute arbitrary commands on the remote web server with the privileges of the web user. In addition to this, there are some flaws that could allo...
MidiCart Shopping Cart Software database vulnerability
Summary: MIDICART is an ASP and PHP based shopping cart application with MS Access and SQL database. A security vulnerability in the product allows remote attackers to download the product's database, and thus gain access to sensitive information about users of the product name, surname, address,...