Gentoo Security Advisory GLSA 200508-21 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200508-21. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200508-21 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200508-21. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200411-35 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200411-35. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities in phpWebSite

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Insufficient Anti-automation и Cross-Site Scripting уязвимостях в phpWebSite. Insufficient Anti-Automation: На странице регистраций http://site/index.php?module=users&action=user&command=signupuser нет защиты от автоматизированных запросов капчи...

phpwebsitelinks-sql.txt

powered by phpWebSitelinks AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl:"mod.php?mod=links" DORK 2 : allinurl: EXPLOIT :...

phpwebsitedownloads-sql.txt

powered by phpWebSitedownloads AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl:"mod.php?mod=downloads" EXPLOIT :...

phpwebsitedownload-sql.txt

powered by phpWebSitedownload AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl:"mod.php?mod=download" DORK 2 : allinurl: EXPLOIT :...

phpwebsite-sql.txt

powered by phpWebSiteiklanbaris AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl: cid "mod php mod iklanbaris" EXPLOIT :...

phpwebsitefaq-sql.txt

powered by phpWebSite SQL InjectionFAQ AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl: "topics.php?op=viewtopic" EXPLOIT : topics.php?op=viewtopic&topic=-999//union//select+0,aid,pwd,pwd+from//authors/where%20name%20pwd...

phpwebsitegallery-sql.txt

powered by phpWebSitegallery AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl:"mod.php?mod=gallery" id EXPLOIT : mod.php?mod=gallery&op=gallery&id=-77//union//select+0,concataid,0x3a,pwd//from//authors/where%20gallery...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2008-0092

Cross-site scripting XSS vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2008-0092

CVE-2008-0092 describes a Cross-site Scripting (XSS) vulnerability in the search module of Apache State University’s phpWebSite 1.4.0, specifically in index.php, where an attacker can inject arbitrary web script or HTML through the search parameter. The issue allows remote, unauthenticated input ...

CVE-2008-0092

Cross-site scripting XSS vulnerability in index.php in the search module in Appalachian State University phpWebSite 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

phpWebSite搜索模块跨站脚本执行漏洞

BUGTRAQ ID: 27090 phpWebSite是一款网站内容管理系统（CMS）。 phpWebSite的实现上存在输入验证漏洞，远程攻击者可能利用此漏洞在用户浏览器中执行恶意代码。 phpWebSite的搜索模块没有正确地转义用户输入便在搜索结果页面中生成链接，这允许攻击者通过提交恶意搜索请求执行跨站脚本攻击。 Appalachian State Universit phpWebSite 1.4.0 Appalachian State Universit ---------------------------...

Cross-Site Scripting (XSS) in phpWebSite 1.4.0 search

------------------------------------------------------------------------ Cross-Site Scripting XSS in phpWebSite 1.4.0 search ------------------------------------------------------------------------ Author: Audun Larsen larsen at xqus dot com Date: Dec 29, 2007 --AFFECTED...

phpwebsite-xss.txt

------------------------------------------------------------------------ Cross-Site Scripting XSS in phpWebSite 1.4.0 search ------------------------------------------------------------------------ Author: Audun Larsen larsen at xqus dot com Date: Dec 29, 2007 --AFFECTED...

CVE-2006-5234

Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWSSOURCEDIR parameter in 1 init.php, 2 users.php, 3 Cookie.php, 4 forms.php, 5 Groups.php, 6 ModSetting.php, 7 Calendar.php, 8 DateTime.php, 9 core.php,...

CVE-2006-5234

CVE-2006-5234 is linked to phpWebSite 0.10.2 with a remote code execution flaw via a URL in the PHPWS_SOURCE_DIR parameter across multiple PHP files (init.php, users.php, Cookie.php, forms.php, Groups.php, ModSetting.php, Calendar.php, DateTime.php, core.php, ImgLibrary.php, Manager.php, Template...

CVE-2006-5234

Multiple PHP remote file inclusion vulnerabilities in phpWebSite 0.10.2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPWSSOURCEDIR parameter in 1 init.php, 2 users.php, 3 Cookie.php, 4 forms.php, 5 Groups.php, 6 ModSetting.php, 7 Calendar.php, 8 DateTime.php, 9 core.php,...