6 matches found
CVE-2009-0707
SQL injection vulnerability in admin/index.php in PowerClan 1.14a allows remote attackers to execute arbitrary SQL commands via the loginemail parameter aka login field. NOTE: some of these details are obtained from third party information...
PowerClan 1.14a SQL Injection
...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz greetz:to my best friend in the...
PowerClan 1.14a - Authentication Bypass
PowerClan 1.14a - Authentication Bypass ...:::::PowerClan 1.14a Auth Bypass SQL Injection Vulnerability::::.... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all...
CVE-2006-6715
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsfooter parameter...
EUVD-2006-6698
PHP remote file inclusion vulnerability in footer.inc.php in PowerClan 1.14a and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the settingsfooter parameter...
CVE-2006-6715
PowerClan 1.14a and earlier is affected by a PHP remote file inclusion in footer.inc.php. The root cause is a user-controllable URL passed via the settings[footer] parameter when register_globals is enabled, allowing remote attackers to execute arbitrary PHP code. This vulnerability can enable co...