Lucene search
K

967 matches found

Packet Storm
Packet Storm
added 2010/09/08 12:0 a.m.20 views

FCMS 2.3 SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...

0.3AI score
Exploits0
0day.today
0day.today
added 2010/08/27 12:0 a.m.16 views

FCMS_2.3 SQL injection vulnerability

Exploit for php platform in category web applications ==================================== FCMS2.3 SQL injection vulnerability ==================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1...

7.1AI score
Exploits0
Prion
Prion
added 2010/02/03 6:30 p.m.23 views

Cross site scripting

Cross-site scripting XSS vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.21, 8.12.7, and 8.05; allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is not...

4.3CVSS6AI score0.04364EPSS
Exploits2References6Affected Software2
CVE
CVE
added 2010/02/03 6:0 p.m.73 views

CVE-2010-0440

The CVE-2010-0440 issue is a Cross-Site Scripting (XSS) vulnerability in Cisco Secure Desktop (CSCOT) translation path. Affects Cisco Secure Desktop 3.4.2048 and earlier than 3.5, and is also implicated in Cisco ASA appliances running before 8.2(1), 8.1(2.7), and 8.0(5). The root cause is imprope...

4.3CVSS5.6AI score0.04364EPSS
Exploits2References6Affected Software1
0day.today
0day.today
added 2009/10/23 12:0 a.m.51 views

Vivvo CMS 4.1.5.1 file disclosure

Exploit for unknown platform in category web applications ================================= Vivvo CMS 4.1.5.1 file disclosure ================================= Description of vulnerable software: Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2009/09/01 12:0 a.m.23 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

No description provided by source. phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/09/01 12:0 a.m.20 views

phpBB3 addon prime_quick_style GetAdmin Vulnerability

Exploit for unknown platform in category web applications ===================================================== phpBB3 addon primequickstyle GetAdmin Vulnerability ===================================================== phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2009/09/01 12:0 a.m.16 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 - addon primequickstyle GetAdmin phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/09/01 12:0 a.m.57 views

phpBB3 - addon prime_quick_style GetAdmin

phpBB3 addon primequickstyle GetAdmin Exploit Vulnerability found and exploited by -SmoG- target file: primequickstyle.php vuln: POST parameter "primequickstyle" is injectable. source: http://www.phpbb.com/community/viewtopic.php?f=70&t=692625 HowTo: after login, go to "./ucp.php" and manipulate...

7.4AI score
Exploits0
myhack58
myhack58
added 2009/04/14 12:0 a.m.14 views

Dust on the network enterprise website management system vulnerability-vulnerability warning-the black bar safety net

company. asp a get way to get the variable id's value is only filtered spaces and judgment Whether the value is empty contains an anti-note only the filter get way to pass the incoming parameter value company. asp it is request. querystring"id" that is not using the post And cookie injection but...

7.3AI score
Exploits0
CVE
CVE
added 2009/02/18 5:0 p.m.42 views

CVE-2009-0643

CVE-2009-0643 describes a static code injection in Simple PHP News 1.0 final. An attacker can inject arbitrary PHP code into news.txt via the post parameter and then trigger execution by requesting display.php, indicating a combination of unsafeguarded input handling and file-based code execution...

5.1CVSS7.6AI score0.04811EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2008/10/21 1:18 a.m.2 views

CVE-2008-4632

Multiple directory traversal vulnerabilities in index.php in Kure 0.6.3, when magicquotesgpc is disabled, allow remote attackers to read and possibly execute arbitrary local files via a .. dot dot in the 1 post and 2 doc parameters...

6.8CVSS6AI score0.01929EPSS
Exploits0References5
0day.today
0day.today
added 2008/10/16 12:0 a.m.13 views

Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== Kure 0.6.3 index.php post,doc Local File Inclusion Vulnerability ================================================================== Kure 0.6.3 index.php post,doc Local File...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2008/06/23 5:41 p.m.3 views

CVE-2008-2823

SQL injection vulnerability in newsarchive.php in PHPeasyblog formerly phpeasynews 1.13 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...

7.5CVSS6.4AI score0.00967EPSS
Exploits1References4
Prion
Prion
added 2008/06/06 6:32 p.m.19 views

Sql injection

SQL injection vulnerability in showpost.php in 427BB 2.3.1 allows remote attackers to execute arbitrary SQL commands via the post parameter...

7.5CVSS9.1AI score0.0101EPSS
Exploits0References4Affected Software1
Exploit DB
Exploit DB
added 2008/03/25 12:0 a.m.48 views

BolinOS 4.6.1 - Local File Inclusion / Cross-Site Scripting

Digital Security Research Group DSecRG Advisory DSECRG-08-022 Application: BolinOS Versions Affected: 4.6.1 Vendor URL: http://www.bolinos.com Bugs: Local File Include,Multiple XSS, System information disclosure Exploits: YES Reported: 13.03.2008 Second report: 18.03.2008 Vendor response: none...

7.4AI score
Exploits0
Prion
Prion
added 2007/09/17 5:17 p.m.13 views

Sql injection

SQL injection vulnerability in classes/gelato.class.php in Gelato allows remote attackers to execute arbitrary SQL commands via the post parameter to index.php...

7.5CVSS9.1AI score0.01622EPSS
Exploits1References8Affected Software1
UbuntuCve
UbuntuCve
added 2007/03/03 7:19 p.m.23 views

CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS5.9AI score0.07315EPSS
Exploits1References1
OSV
OSV
added 2007/03/03 7:19 p.m.3 views

DEBIAN-CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS6.2AI score0.07315EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2007/03/03 7:0 p.m.37 views

CVE-2007-1244

Cross-site request forgery CSRF vulnerability in the AdminPanel in WordPress 2.1.1 and earlier allows remote attackers to perform privileged actions as administrators, as demonstrated using the delete action in wp-admin/post.php. NOTE: this issue can be leveraged to perform cross-site scripting X...

6.8CVSS6.7AI score0.07315EPSS
Exploits1
Rows per page
Query Builder