Pixie 1.04 - Blog Post Cross-Site Request Forgery

Pixie 1.04 - Blog Post Cross-Site Request Forgery Exploit Title: Pixie v1.04 blog post CSRF Google Dork: Date: 11-Dec-2011 Author: hackme Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: 1.04 Tested on: Linux Ubuntu 10.10 CVE : + TH4NKZ T0: broiosen,ReGun and...

CVE-2011-4710

Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the 1 pixieuser parameter and 2 Referer HTTP header in a request to the default URI...

Sql injection

Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the 1 pixieuser parameter and 2 Referer HTTP header in a request to the default URI...

CVE-2011-4710

CVE-2011-4710 affects Pixie CMS versions 1.01 through 1.04, where the application is vulnerable to SQL injection via the pixie_user parameter and the Referer HTTP header in requests to the default URI. The underlying root cause is improper input handling that allows remote attackers to execute ar...

CVE-2011-4710

Multiple SQL injection vulnerabilities in Pixie CMS 1.01 through 1.04 allow remote attackers to execute arbitrary SQL commands via the 1 pixieuser parameter and 2 Referer HTTP header in a request to the default URI...

Pixie CMS 1.01 - 1.04 Blind SQL Injections

No description provided by source. Exploit Title: Pixie CMS 1.01 - 1.04 "pixieuser" Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.0...

Pixie CMS 1.01 < 1.04 - Blind SQL Injections

Exploit Title: Pixie CMS 1.01 - 1.04 "pixieuser" Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.04 CVE : None Example request: GET...

Pixie CMS 1.01 1.04 - Blind SQL Injections

Pixie CMS 1.01 1.04 - Blind SQL Injections Exploit Title: Pixie CMS 1.01 - 1.04 "pixieuser" Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1....

Pixie CMS 1.04 Blind SQL Injection

Exploit Title: Pixie CMS 1.01 - 1.04 "pixieuser" Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.04 CVE : None Example request: GET...

Pixie CMS 1.01 - 1.04 Blind SQL Injections

Exploit for php platform in category web applications Exploit Title: Pixie CMS 1.01 - 1.04 "pixieuser" Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie...

CVE-2011-3793

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...

Information disclosure

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...

CVE-2011-3793

Pixie 1.04 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (e.g., admin/modules/static.php). ThisSummary is supported by multiple sources (NVD, Re...

CVE-2011-3793

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...

BoutikOne - 'rss_flash.php?lang' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...

BoutikOne - rss_flash.php?lang SQL Injection

BoutikOne - rssflash.php?lang SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...

BoutikOne - 'rss_top10.php?lang' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...

BoutikOne - 'rss_promo.php?lang' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...

BoutikOne - 'rss_news.php?lang' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...

BoutikOne - 'categorie.php?path' SQL Injection

source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...