110 matches found
PHPX 3.5.16 Cookie Poisoning and Login Bypass Vulnerability
No description provided by source. ======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie poisoning / Login bypa...
PHPX 3.5.16 Cookie Poisoning and Login Bypass Vulnerability
Exploit for unknown platform in category web applications =========================================================== PHPX 3.5.16 Cookie Poisoning and Login Bypass Vulnerability =========================================================== Application: phpx http://www.phpx.org/project.php stable...
phpx-cookie.txt
======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie poisoning / Login bypass Date: 31 July 2008...
PHPX 3.5.16 - Cookie Poisoning Authentication Bypass
PHPX 3.5.16 - Cookie Poisoning Authentication Bypass ======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie...
PHPX 3.5.16 - Cookie Poisoning / Authentication Bypass
======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie poisoning / Login bypass Date: 31 July 2008...
Sql injection
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...
CVE-2007-1551
Multiple cross-site scripting XSS vulnerabilities in phpx 3.5.15 allow remote attackers to inject arbitrary web script or HTML via 1 the signature in "dans profile," or 2 search.php...
CVE-2007-1550
Multiple SQL injection vulnerabilities in phpx 3.5.15 allow remote attackers to execute arbitrary SQL commands via the 1 imageid or 2 catid parameter to a gallery.php; the 3 newsid parameter to b news.php or c print.php; 4 the newscatid parameter to news.php; the 5 catid, 6 topicid, or 7 postid...
CVE-2007-1551
CVE-2007-1551 affects phpx 3.5.15 with multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the signature in "dans profile" and (2) search.php. The affected software is phpx 3.5.15; root cause details are not spelled...
CVE-2007-1549
CVE-2007-1549 affects phpx 3.5.15 where gallery.php’s addImage action allows unrestricted file upload. An attacker can upload arbitrary PHP scripts, which are placed under gallery/shelties/ and could be executed remotely. The CVE details focus on the unrestricted upload vulnerability and its abil...
CVE-2007-1550
CVE-2007-1550 affects phpx 3.5.15, introducing multiple SQL injection weaknesses in gallery.php, news.php/print.php (via image_id, cat_id, news_id), news.php (news_cat_id), forums.php (cat_id, topic_id, post_id), and users.php (user_id). The underlying issue is unsafely concatenated SQL queries t...
PHPX 3.5.153.5.16 - users.php SQL Injection
PHPX 3.5.153.5.16 - users.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
PHPX 3.5.153.5.16 - forums.php SQL Injection
PHPX 3.5.153.5.16 - forums.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-base...
PHPX 3.5.153.5.16 - news.php SQL Injection
PHPX 3.5.153.5.16 - news.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
PHPX 3.5.153.5.16 - gallery.php SQL Injection
PHPX 3.5.153.5.16 - gallery.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-bas...
PHPX 3.5.153.5.16 - print.php SQL Injection
PHPX 3.5.153.5.16 - print.php SQL Injection source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
PHPX 3.5.15/3.5.16 - 'gallery.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
PHPX 3.5.15/3.5.16 - 'news.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
PHPX 3.5.15/3.5.16 - 'users.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...
PHPX 3.5.15/3.5.16 - 'forums.php' SQL Injection
source: https://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, execute arbitra...