26 matches found
EUVD-2006-1878
Malware in sbrugna...
EUVD-2006-3896
Malware in sbrugna...
EUVD-2006-3764
Malware in sbrugna...
EUVD-2007-2150
Malware in sbrugna...
PHPFaber TopSites 3 Admin/Index.PHP Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23419/info TopSites is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable...
phpFaber TopSites Index.PHP Cross-Site Scripting Vulnerability
漏洞信息: phpfaber topsites是一个php编写的功能强大,可靠和安全的排行榜。 phpFaber TopSites存在跨站脚本攻击漏洞。 漏洞影响: phpFaber TopSites 0 漏洞详情: phpFaber TopSites中的index.php存在跨站脚本攻击漏洞。这使得远程攻击者可以借助于page参数注入任意Web脚本或HTML。 可使用以下代码进行漏洞验证: http://www.example.com/index.php?page=alert/sebug/ 解决方案:...
Directory traversal
Directory traversal vulnerability in template.php in in phpFaber TopSites 3 allows remote attackers to read arbitrary files via a .. dot dot in the modify parameter in a template action to admin/index.php...
CVE-2007-2155
CVE-2007-2155 affects phpFaber TopSites 3. A directory traversal vulnerability in template.php (modify parameter in a template action to admin/index.php) allows remote attackers to read arbitrary files via .. traversal. This is a network-accessible issue with low attack complexity and no authenti...
phpfaber-include.txt
phpFaber TopSites v.3index.phpRemote File Disclosure Vulnerability D.Script: http://www.phpfaber.com/cmscontent/files/phpfabertopsites.zip Discovered by: Dr.RoVeR --Arab48 Hacker [email protected] Greetz To: Tryag Team You have to be admin to run the script :D V.Code: if !$GET'page' ||...
nEw Bug :D
phpFaber TopSites v.3index.phpRemote File Disclosure Vulnerability D.Script: http://www.phpfaber.com/cmscontent/files/phpfabertopsites.zip Discovered by: Dr.RoVeR --Arab48 Hacker [email protected] Greetz To: Tryag Team You have to be admin to run the script :D V.Code: if !$GET'page' ||...
PHPFaber TopSites 3 - 'admin/index.php' Directory Traversal
source: https://www.securityfocus.com/bid/23419/info TopSites is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserve...
PHPFaber TopSites 3 - adminindex.php Directory Traversal
PHPFaber TopSites 3 - adminindex.php Directory Traversal source: https://www.securityfocus.com/bid/23419/info TopSites is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files...
CVE-2006-3902
Cross-site scripting XSS vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the icat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-3902
Cross-site scripting XSS vulnerability in index.php in phpFaber TopSites 2.0.9 allows remote attackers to inject arbitrary web script or HTML via the icat parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2006-3902
CVE-2006-3902 is an XSS vulnerability in phpFaber TopSites 2.0.9 where the i_cat parameter of index.php can be exploited to inject arbitrary web script or HTML. The description notes that the vulnerability arises from the input handling in the i_cat parameter; no further details on the root cause...
CVE-2006-3770
Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 icat or 2 method parameters...
[MajorSecurity #21] phpFaber TopSites <=2.0.9 - SQL Injection Vulnerability
MajorSecurity 21 phpFaber TopSites =2.0.9 - SQL Injection Vulnerability ----------------------------------------------------------------- Software: phpFaber TopSites Version: =2.0.9 Type: SQL Injection Vulnerability Made public: July, 19th 2006 Vendor: phpFaber, LLC Page: http://www.phpfaber.com/...
CVE-2006-3770
Multiple SQL injection vulnerabilities in index.php in phpFaber TopSites 2.0.9 and earlier allow remote attackers to execute arbitrary SQL commands via the 1 icat or 2 method parameters...
CVE-2006-3770
The CVE-2006-3770 entry covers multiple SQL injection flaws in phpFaber TopSites (index.php) affecting version 2.0.9 and earlier. The underlying issue is unsecured handling of the (1) i_cat and (2) method parameters, enabling remote attackers to alter SQL queries and potentially compromise data. ...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in phpFaber TopSites allows remote attackers to inject arbitrary web script or HTML via the page parameter...