633 matches found
AlstraSoft AskMe Pro <= 2.1 - Multiple SQL Injection Vulnerabilities
No description provided by source. AlstraSoft AskMe Pro = 2.1 SQL Injection Vulnerabilities. Discovered By: t0pP8uZz...
TinyPHP Forum <= 3.6 (profile.php) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl $App : TinyPHP forum = 3.6 Remote Command Execution Exploit $Bug : http://tinyphp/profile.php?action=view&uname=../afile%00 $IHST: h4ckerz.com / hackerz.ir / aria-security.net coded By Hessam-x Hessamx -at- Hessamx.net use IO::Socket; use...
Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection
No description provided by source...
OvBB 0.x profile.php userid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15566/info OvBB is prone to multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit...
PHP-post Web Forum 0.x.1.0 profile.php Multiple Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application fails to sanitize user-supplied...
XennoBB 2.1 Profile.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19374/info XennoBB is prone to multiple SQL injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful attack could allow an attacker to compromise th...
VBulletin 3.0/3.5 Profile.PHP Email Field HTML Injection Vulnerability
No description provided by source...
RedCMS 0.1 profile.php u Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17336/info RedCMS is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. The application is prone to HTML-injection and...
phpMDJ 1.0.3 - SQL Injection Vulnerability
No description provided by source. Vulnerable Script: phpMDJ 1.0.3; Download: http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip; Vulnerability: Remote Sql Injection ...
webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo--------------------; print \n | webSPELL = v4.01.02 Multiple Remote SQL Injection |; print \n | coded by DNX |; print \n...
VBZoom 1.11 Profile.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19803/info VBZooM is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
phpauctionsystem (xss/sql) Multiple Vulnerabilities
No description provided by source. PHPAuctionSystem Author:x0r Email:[email protected] Cms:PhpAuctionSystemvnew Cmsprice:$59.99 Demo:http://www.phpauctions.info/demo/ BugIn:\profile.phpBlind\Normal Sql Injection ExploitBlind: profile.php?userid=29%20and%20substring@@version,1,1=5--...
PHPBB 2.0.x Profile.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13344/info phpBB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...
Extcalendar <= 2 (profile.php) Remote User Pass Change Exploit
No description provided by source. form name=userform action=http://target/register.php method=post input name=step type=hidden value=regform tr td class='tableh2' colspan='2'Account Information/td /tr tr td class='tableb' width='160'Username/td td class='tableb' /td /tr tr td class='tableb'...
eFront 3.6.14.4 profile.php Cross-Site Scripting Vulnerability
No description provided by source...
CVE-2014-1877
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/groups.php; or (7) Message body field to...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Dokeos 2.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Phone, (2) Street, (3) Address line, (4) Zip code, or (5) City field to main/auth/profile.php; (6) Subject field to main/social/groups.php; or (7) Message body field to...
Chamilo LMS 1.9.6 (profile.php, password0 param) - SQL Injection Vulnerability
Exploit for php platform in category web applications. High-Tech Bridge Security Research Lab discovered vulnerability in Chamilo LMS, which can be exploited to perform SQL Injection attacks. 1) SQL Injection in Chamilo LMS: CVE-2013-6787. The vulnerability exists due to insufficient validation of...
Chamilo LMS 1.9.6 SQL Injection Vulnerability
Chamilo LMS version 1.9.6 suffers from a remote SQL injection vulnerability. Vendor: Chamilo Association; Vulnerable Versions: 1.9.6 and probably prior; Tested Version: 1.9.6; Advisory Publication: November 6, 2013 [without technical details]; Vendor Notification: November 6, 2013; Vendor Patch: Novembe...
Blizard BB 1.7 SQL Injection Vulnerability
Exploit for php platform in category web applications...