24 matches found
EUVD-2008-5176
Malware in sbrugna...
EUVD-2005-4614
Malware in sbrugna...
EUVD-2006-5278
Malware in sbrugna...
PHPOutSourcing Zorum 3.x Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8388/info A cross-site scripting vulnerability has been reported in the index.php script of PHPOutSourcing Zorum. Because of this, an attacker may be able to execute HTML and script code in the browsers of target users in...
CVE-2008-5199
PHP remote file inclusion vulnerability in include.php in PHPOutsourcing IdeaBox aka IdeBox 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the gorumDir parameter...
CVE-2008-5199
The CVE-2008-5199 issue affects the PHPOutsourcing IdeaBox (aka IdeBox) 1.1 and constitutes a PHP remote file inclusion vulnerability in include.php, exploitable via a URL in the gorumDir parameter. The underlying vulnerability allows an attacker to cause the remote inclusion of PHP code, which c...
CVE-2006-5431
CVE-2006-5431 describes a PHP remote file inclusion flaw in gorum/dbproperty.php of PHPOutsourcing Zorum 3.5 and earlier, allowing an attacker to place a URL in the appDirName parameter to execute arbitrary PHP code. The vulnerability affects the app’s handling of the appDirName input and can lea...
CVE-2006-5293
Cross-site scripting XSS vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter...
CVE-2006-5293
Cross-site scripting XSS vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter...
CVE-2006-5293
CVE-2006-5293 affects PhpOutsourcing Noah’s Classifieds, prior to or including version 1.3, where index.php is vulnerable to cross-site scripting via the frommethod parameter. Affected component: index.php; vulnerability type: XSS. CVSS v2 base score 6.8 (Medium) with network attack vector, requi...
IdeaBox <= 1.1 (gorumDir) Remote File Include Vulnerability
$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ IdeaBox = 1.1 gorumDir Remote File Include Vulnerability $$ script site: http://ideabox.phpoutsourcing.com/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacper a.k.a Rahim $$ $$ Contact:...
IdeaBox <= 1.1 (gorumDir) Remote File Include Vulnerability
Exploit for unknown platform in category web applications =========================================================== IdeaBox = 1.1 gorumDir Remote File Include Vulnerability =========================================================== $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$...
Noah's Classifieds Multiple Path Disclosure and Cross Site Scripting Vulnerabilities
I have contacted PhpOutsourcing 2 weeks ago, and they didn't answer. The mail I sent on classifieds AT phpoutsourcing DOT com bounced back in error. The one I sent on askme AT phpoutsourcing DOT com never got replied. "Currently, we are completely overloaded with our running projects, and we don'...
CVE-2005-4619
CVE-2005-4619 affects Zorum Forum 3.5 and earlier (index.php showhtmllist) where the rollid parameter is vulnerable to SQL injection, allowing remote attackers to execute arbitrary SQL commands. This is documented as a SQL injection vulnerability in Zorum/phpoutsourcing code; no patch/version det...
CVE-2005-4619
SQL injection vulnerability in index.php in phpoutsourcing Zorum Forum 3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the rollid parameter in the showhtmllist method...
noahSQLXSS.txt
Software: phpoutsourcing Noah's classifieds Vendor: http://classifieds.phpoutsourcing.com/ Version: all versions Bug: SQL injection & XSS Exploitation: Remote with browser ------------------------------------------------------------------------------------- Introduction: Noah' Classifieds is a...
CVE-2005-2979
SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter...
CVE-2005-2980
Cross-site scripting XSS vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter...
CVE-2005-2979
SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter...
CVE-2005-2980
Cross-site scripting XSS vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter...