967 matches found
FCMS 2.3 SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...
FCMS_2.3 SQL injection vulnerability
Exploit for php platform in category web applications ==================================== FCMS2.3 SQL injection vulnerability ==================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1...
Cross site scripting
Cross-site scripting XSS vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.21, 8.12.7, and 8.05; allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not...
CVE-2010-0440
The CVE-2010-0440 issue is a Cross-Site Scripting (XSS) vulnerability in Cisco Secure Desktop (CSCOT) translation path. Affects Cisco Secure Desktop 3.4.2048 and earlier than 3.5, and is also implicated in Cisco ASA appliances running before 8.2(1), 8.1(2.7), and 8.0(5). The root cause is imprope...
Vivvo CMS 4.1.5.1 file disclosure
Exploit for unknown platform in category web applications ================================= Vivvo CMS 4.1.5.1 file disclosure ================================= Description of vulnerable software: Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering...
phpBB3 addon prime_quick_style GetAdmin Vulnerability
No description provided by source. phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login...
phpBB3 addon prime_quick_style GetAdmin Vulnerability
Exploit for unknown platform in category web applications ===================================================== phpBB3 addon primequickstyle GetAdmin Vulnerability ===================================================== phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited...
phpBB3 - addon prime_quick_style GetAdmin
phpBB3 - addon primequickstyle GetAdmin phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after...
phpBB3 - addon prime_quick_style GetAdmin
phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login, go to "./ucp.php" and manipulate...
Dust on the network enterprise website management system vulnerability-vulnerability warning-the black bar safety net
company. asp a get way to get the variable id's value is only filtered spaces and judgment Whether the value is empty contains an anti-note only the filter get way to pass the incoming parameter value company. asp it is request. querystring"id" that is not using the post And cookie injection but...
CVE-2009-0643
CVE-2009-0643 describes a static code injection in Simple PHP News 1.0 final. An attacker can inject arbitrary PHP code into news.txt via the post parameter and then trigger execution by requesting display.php, indicating a combination of unsafeguarded input handling and file-based code execution...
CVE-2008-4632
Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magicquotesgpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. dot dot in the 1 post and 2 doc parameters...
Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== Kure 0.6.3 index.php post,doc Local File Inclusion Vulnerability ================================================================== Kure 0.6.3 index.php post,doc Local File...
CVE-2008-2823
SQL injection vulnerability in newsarchive.php in PHPeasyblog formerly phpeasynews 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...
Sql injection
SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter...
BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting
Digital Security Research Group DSecRG Advisory DSECRG-08-022 Application: BolinOS Versions Affected: 4.6.1 Vendor URL: http://www.bolinos.com Bugs: Local File Include,Multiple XSS, System information disclosure Exploits: YES Reported: 13.03.2008 Second report: 18.03.2008 Vendor response: none...
Sql injection
SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php...
CVE-2007-1244
Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...
DEBIAN-CVE-2007-1244
Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...
CVE-2007-1244
Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...