173 matches found
BoutikOne - rss_promo.php?lang SQL Injection
BoutikOne - rss_promo.php?lang SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
BoutikOne - rss_top10.php?lang SQL Injection
BoutikOne - rss_top10.php?lang SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
BoutikOne - rss_news.php?lang SQL Injection
BoutikOne - rss_news.php?lang SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
BoutikOne - categorie.php?path SQL Injection
BoutikOne - categorie.php?path SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
BoutikOne - list.php?path SQL Injection
BoutikOne - list.php?path SQL Injection source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacke...
BoutikOne - search.php Multiple SQL Injections
BoutikOne - search.php Multiple SQL Injections source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
BoutikOne - 'search.php' Multiple SQL Injections
source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...
BoutikOne - 'list.php?path' SQL Injection
source: https://www.securityfocus.com/bid/46861/info Pixie is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...
SQL Injection in Pixie
Vulnerability ID: HTB22785 Reference: http://www.htbridge.ch/advisory/sqlinjectioninpixie.html Product: Pixie Vendor: Lucid Crew http://www.getpixie.co.uk/ Vulnerable Version: 1.04 Vendor Notification: 06 January 2011 Vulnerability Type: SQL Injection Status: Awaiting Vendor Response Risk level:...
SQL Injection in Pixie
Vulnerability ID: HTB22786 Reference: http://www.htbridge.ch/advisory/sqlinjectioninpixie1.html Product: Pixie Vendor: Lucid Crew http://www.getpixie.co.uk/ Vulnerable Version: 1.04 Vendor Notification: 06 January 2011 Vulnerability Type: SQL Injection Status: Awaiting Vendor Response Risk level:...
Pixie CMS 1.0.4 - adminindex.php SQL Injection
Pixie CMS 1.0.4 - adminindex.php SQL Injection source: https://www.securityfocus.com/bid/45937/info Pixie is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker...
Pixie 1.04 SQL Injection
Vulnerability ID: HTB22786 Reference: http://www.htbridge.ch/advisory/sqlinjectioninpixie1.html Product: Pixie Vendor: Lucid Crew http://www.getpixie.co.uk/ Vulnerable Version: 1.04 Vendor Notification: 06 January 2011 Vulnerability Type: SQL Injection Status:...
Pixie CMS 1.0.4 - '/admin/index.php' SQL Injection
source: https://www.securityfocus.com/bid/45937/info Pixie is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modif...
PiXie CMS v1.04 <= Multiple CSRF Vulnerabilities
Exploit for php platform in category web applications Add Super User: Add Post: Exploit Title: PiXie CMS v1.04 <= CSRF Add Post Google Dork: allintext: "Pixie Powered" Date: 28/12/2010 Author: Ali Raheem AKA wolfmankurd Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Versio...
PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities
PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities Add Super User: Add Post: Exploit Title: PiXie CMS v1.04 <= CSRF Add Post Google Dork: allintext: "Pixie Powered" Date: 28/12/2010 Author: Ali Raheem AKA wolfmankurd Software Link:...
PiXie CMS 1.04 - Multiple Cross-Site Request Forgery Vulnerabilities
Add Super User: Add Post: Exploit Title: PiXie CMS v1.04 <= CSRF Add Post Google Dork: allintext: "Pixie Powered" Date: 28/12/2010 Author: Ali Raheem AKA wolfmankurd Software Link: http://pixie-cms.googlecode.com/files/pixiev1.04.zip Version: <=1.04 Tested on: Linux sheevaplug-debian...
Pixie 1.04 Cross Site Request Forgery
Pixie 1.04 suffers from CSRF, where form data can be submitted by the admin unwittingly, in this example to add a blog post or add a new user. It was not attempted, but it is possible to include a cookie stealer in the blog post, which a naive admin may view if it has a curious/innocent sounding name...
Pixie 1.04 Cross Site Scripting
Pixie v1.04 XSS Vulnerability ...
Pixie 1.0.4 Cross Site Request Forgery / Cross Site Scripting
Vulnerability ID: HTB22469 Reference: http://www.htbridge.ch/advisory/storedxssvulnerabilityinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: Stored XSS Cross...
XSRF (CSRF) in Pixie
Vulnerability ID: HTB22470 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinpixie.html Product: Pixie Vendor: Toggle Labs Ltd http://www.getpixie.co.uk/ Vulnerable Version: 1.0.4 and Probably Prior Versions Vendor Notification: 01 July 2010 Vulnerability Type: CSRF Cross-Site Request Forgery...