31 matches found
EUVD-2012-6354
Malware in sbrugna...
CVE-2012-6504
SQL injection vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2012-6505
Cross-site scripting XSS vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
php volunteer management 1.0.2 - Multiple Vulnerabilities
No description provided by source. Exploit Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Date: 04/21/12 Author: G13 Twitter: @g13net Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php ToC 0x01 Description 0x02 XSS 0x03 SQL...
PHP Volunteer Management System 1.0.2 - Arbitrary File Upload
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
PHP Volunteer Management System 1.0.2 - Multiple SQL Injection Vulnerabilities
No description provided by source. Title: PHP Volunteer Management System v 1.0.2 multiple SQLi Vulnerabilities Version: 1.0.2 Author/Found by: loneferret Software Site: https://sourceforge.net/projects/phpvolunteer/ Other vulnerabilities: http://www.exploit-db.com/exploits/18941/ Date found: May...
PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities
No description provided by source. Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: [email protected] Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on: IIS6.0-Windows 2003 ToC 1.0...
CVE-2012-6505
Cross-site scripting XSS vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2012-6504
SQL injection vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2012-6505
Cross-site scripting XSS vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter...
CVE-2012-6504
SQL injection vulnerability in mods/hours/data/gethours.php in PHP Volunteer Management 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2012-6505
CVE-2012-6505 is an XSS vulnerability in PHP Volunteer Management 1.0.2, specifically in mods/hours/data/get_hours.php where the id parameter can be abused to inject arbitrary script/HTML. Affected component is the get_hours.php routine; root cause is improper handling/validation of the id input....
CVE-2012-6504
CVE-2012-6504 affects PHP Volunteer Management 1.0.2, with the vulnerability in mods/hours/data/get_hours.php . An attacker can exploit an SQL injection via the id parameter to execute arbitrary SQL commands. The NVD metrics show a base score of 7.5 (HIGH) with network access, low attack complexi...
PHP Volunteer Management System v1.0.2 Arbitrary File Upload
Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
PHP Volunteer Management System v1.0.2 Arbitrary File Upload
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "PHP Volunteer...
PHP Volunteer Management System 1.0.2 - Arbitrary File Upload (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "PHP Volunteer...
PHP Volunteer Management System v1.0.2 Arbitrary File Upload Vulnerability
This module exploits a vulnerability found in PHP Volunteer Management System, version v1.0.2 or prior. This application has an upload feature that allows an authenticated user to upload anything to the 'uploads' directory, which is actually reachable by anyone without a credential. An attacker c...
PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities
PHP Volunteer Management System 1.0.2 - Multiple Vulnerabilities Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: [email protected] Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on:...
PHP Volunteer Management System 1.0.2 Cross Site Scripting / Shell Upload
Exploit Title: PHP Volunteer Management System v 1.0.2 Multiple Vulnerabilities Date: 05/28/12 Author: Ashoo Mail: [email protected] Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Tested on: IIS6.0-Windows 2003 ToC 1.0 Introduction 2.0 Unrestricted File Upload 3...