107 matches found
Code injection
phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfoxuser parameter...
CVE-2006-2631
phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfoxuser parameter...
CVE-2006-2631
phpFoX allows remote authenticated users to modify arbitrary accounts via a modified NATIO cookie value, possibly the phpfoxuser parameter...
CVE-2006-2631
phpFoX is affected by an authentication-bypass like issue where remote authenticated users can modify arbitrary accounts by tampering with a NATIO cookie value, potentially the phpfox_user parameter. The root cause is a cookie handling flaw that allows escalation of privileges within authenticate...
phpFoX.txt
phpFoX AllVersion Login to any Account Exploit found by Mx at hackmx.net Login as any user/admin/mod Action event only once This exploit will allow you to action an event per login, on any account in phpFoX All Versions. 1 Create an account on phpFox, after activating the account, login. 2 Go to...
phpFoX All Version Login Exploit
phpFoX AllVersion Login to any Account Exploit found by Mx at hackmx.net Login as any user/admin/mod Action event only once This exploit will allow you to action an event per login, on any account in phpFoX All Versions. 1 Create an account on phpFox, after activating the account, login. 2 Go to...
XSS in phpFoX Version 1.06
Advisory: XSS in phpFoX Version 1.06 Home Page: http://www.phpfox.com/ Уязвимость/Vulnerability: Межсайтовый скриптинг/Cross Site Scripting http://www.arcticarmy.co.uk/user/?P=Daalvashi"scriptalert/script" http://www.arcticarmy.co.uk/user/?G=Cutiebubbleboo"scriptalert/script"...