SUSE CVE-2005-1921

Eval injection vulnerability in PEAR XMLRPC 1.3.0 and earlier aka XML-RPC or xmlrpc and PHPXMLRPC aka XML-RPC For PHP or php-xmlrpc 1.1 and earlier, as used in products such as 1 WordPress, 2 Serendipity, 3 Drupal, 4 egroupware, 5 MailWatch, 6 TikiWiki, 7 phpWebSite, 8 Ampache, and others, allows...

Logic Flaw Vulnerability in AiFreePhp

AiFreePhp is a free and open source PHP website builder. AiFreePhp has a logic flaw vulnerability that can be exploited by attackers to reinstall a system...

KG-Group Administrator Account Bypass Vulnerability

KG-Group is a php developed website system in India. KG-Group suffers from an administrator page login bypass vulnerability. An attacker can use this vulnerability to directly login to the backend and gain administrator privileges...

phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 pagemaster Module PAGE_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/8393/info PHP Website is a web site content management system that allows for easy maintainance and administration of interactive community-driven websites. Cross-site vulnerabilities have been reported in the Calendar,...

PHP Website 0.7.3/0.8.2/0.8.3/0.9.2 Calendar Module SQL Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/8390/info Multiple SQL injection vulnerabilities have been reported in PHP Website. These issue may be exploited by sending a malicious request to the calendar script. Possible consequencs of exploitation include compromi...

Athena PHP Website Administration 0.1 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15574/info Athena PHP Website Administration is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue ...

phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 calendar Module day Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/8393/info PHP Website is a web site content management system that allows for easy maintainance and administration of interactive community-driven websites. Cross-site vulnerabilities have been reported in the Calendar,...

phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 earch Module PDA_limit Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/8393/info PHP Website is a web site content management system that allows for easy maintainance and administration of interactive community-driven websites. Cross-site vulnerabilities have been reported in the Calendar,...

phpWebSite 0.7.3/0.8.2/0.8.3/0.9.2 fatcat Module fatcat_id Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/8393/info PHP Website is a web site content management system that allows for easy maintainance and administration of interactive community-driven websites. Cross-site vulnerabilities have been reported in the Calendar,...

phpWebsite 0.8.2/0.8.3 friend.php sid Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/17150/info phpWebSite is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...

Slackware: Security Advisory (SSA:2006-230-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpcms 2 0 0 8 sp4 explosive paths and arbitrary file deletion vulnerability-vulnerability warning-the black bar safety net

A page, not as fault-tolerant processing result in the explosion path, while the filter is not strict lead to a malicious attacker can delete the website of any of the files corpandresize/config. inc. php definition: $tmp = $COOKIE'tmp'; define"TMPPATH", $tmp; In corpandresize/process. php with t...

ZeeMatri 3x Shell Upload

1 1 0 I'm SONiC member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : ZeeMatri v3x- Arbitrary file upload Vulnerability Date : july 23,2010 Critical Level :VERY HIGH vendor URL :?? http://www.zeeways.com Author : ..:: SONiC ::.. aka...

ZeeNetworking 1x Shell Upload

1 1 0 I'm SONiC member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : ZeeNetworking v1x- Arbitrary file upload Vulnerability Date : july 23,2010 Critical Level :VERY HIGH vendor URL :?? http://www.zeeways.com Author : ..:: SONiC ::.. aka...

ZeeMatri 3.x - Arbitrary File Upload

ZeeMatri 3.x - Arbitrary File Upload 1 1 0 I'm SONiC member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : ZeeMatri v3x- Arbitrary file upload Vulnerability Date : july 23,2010 Critical Level :VERY HIGH vendor URL :?? http://www.zeeways.co...

CVE-2009-2589

Multiple cross-site scripting XSS vulnerabilities in Hutscripts PHP Website Script allow remote attackers to inject arbitrary web script or HTML via the msg parameter to 1 feedback.php, 2 index.php, and 3 lostpassword.php...

CVE-2009-2590

SQL injection vulnerability in showcategory.php in Hutscripts PHP Website Script allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2009-2590

CVE-2009-2590 describes an SQL injection vulnerability in the Hutscripts PHP Website Script, specifically affecting the showcategory.php component where the cid parameter is used in a way that allows remote attackers to execute arbitrary SQL commands. The affected software is referenced as Hutscr...

Gentoo Security Advisory GLSA 200605-04 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200605-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

CVE-2006-1819

Directory traversal vulnerability in the loadConfig function in index.php in phpWebSite 0.10.2 and earlier allows remote attackers to include arbitrary local files and execute arbitrary PHP code via the hubdir parameter, as demonstrated by including accesslog. NOTE: in some cases, arbitrary remot...