33 matches found
EUVD-2007-2001
Malware in sbrugna...
EUVD-2007-2002
Malware in sbrugna...
File upload vulnerability in emlog v6.0.0 backend pl***.php page
Short for every memory log, emlog is a PHP and MySQL based blog and CMS builder. A file upload vulnerability exists in the emlog v6.0.0 backend pl.php page. An attacker can exploit the vulnerability to elevate background privileges...
pL-PHP 0.9 'index.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37593/info pL-PHP is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browse...
pl-php beta 0.9 - Multiple Vulnerabilities
No description provided by source...
pL-PHP <= beta 0.9 - Local File Include Exploit
No description provided by source. !/usr/bin/perl pL-PHP = beta 0.9 Local File Include Exploit Discovered by cr4wl3r Contact : cr4wl3r!linuxmail.org use IO::Socket; use LWP::Simple; @apache= ../apache/logs/error.log, ../apache/logs/access.log, ../../apache/logs/error.log,...
CVE-2010-3781
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433...
Design/Logic Flaw
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433...
CVE-2010-3781
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433...
CVE-2010-3781
CVE-2010-3433 concerns PostgreSQL PL/perl and PL/Tcl implementations that failed to protect script execution by a different SQL user within the same session, enabling remote authenticated users to gain privileges via crafted code in a SECURITY DEFINER function. Vulnerable are PostgreSQL branches ...
pL-PHP 0.9 - index.php Cross-Site Scripting
pL-PHP 0.9 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/37593/info pL-PHP is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in...
pL-PHP Beta 0.9 Cross Site Scripting
======================================================================================== | Title : pL-PHP beta 0.9 Cross Site Scripting Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found ...
pL-PHP 0.9 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/37593/info pL-PHP is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
pL-PHP <= beta 0.9 Local File Include Exploit
Exploit for unknown platform in category web applications ============================================= pL-PHP = beta 0.9 Local File Include Exploit ============================================= !/usr/bin/perl pL-PHP = beta 0.9 Local File Include Exploit Discovered by cr4wl3r Contact :...
CVE-2007-2008
Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...
Authentication flaw
admin.php in pL-PHP beta 0.9 allows remote attackers to bypass authentication by setting the isadmin parameter to 1...
Directory traversal
Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...
Sql injection
Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 login or 2 pass parameter...
CVE-2007-2006
Multiple SQL injection vulnerabilities in login.php in pL-PHP beta 0.9 allow remote attackers to execute arbitrary SQL commands via the 1 login or 2 pass parameter...
CVE-2007-2008
Directory traversal vulnerability in admin.php in pL-PHP beta 0.9 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter...