967 matches found
[Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1 # 2
·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...
CVE-2006-6773
pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...
NoahsClassifieds.txt
Noah's Classifieds is prone to a Cross Site Scripting Vulnerability, due to a failure in the application to properly sanitize the "frommethod" POST parameter in "index.php" : alert'XSS Vulnerable';" Advisory: http://zone14.free.fr/advisories/5/ --Raphael HUCK...
Noah's Classifieds Cross Site Scripting Vulnerability
Noah's Classifieds is prone to a Cross Site Scripting Vulnerability, due to a failure in the application to properly sanitize the "frommethod" POST parameter in "index.php" : html body form method="POST" enctype="multipart/form-data" action="http://www.example.com/classifieds/index.php" input...
CVE-2006-3267
SQL injection vulnerability in index.php in Infinite Core Technologies ICT 1.0 Gold and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...
Sql injection
SQL injection vulnerability in editpost.php in CoolForum 0.8.3 beta and earlier allows remote attackers to execute arbitrary SQL commands via the post parameter...
PT-2006-1442 · Rcblog · Rcblog
Name of the Vulnerable Software and Affected Versions: RCBlog version 1.03 Description: A directory traversal issue exists, allowing remote attackers to read arbitrary .txt files by using a .. dot dot in the post parameter of the index.php file. This could potentially include accessing a file tha...