bbPress 1.0.2 Cross Site Request Forgery

: Software : bbPress v 1.0.2 CSRF : site : www.bbpress.org : date : 29/6/2010 : Author : saudi0hacker : Date : May 25, 2010 : Type : CSRF : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com admin Key Master Hotmail: Free, trusted and rich email service...

bbPress v1.0.2 Cross-Site Request Forgery

No description provided by source. : Software : bbPress v 1.0.2 CSRF : site : www.bbpress.org : Author : saudi0hacker : Date : May 25, 2010 : Type : CSRF : Greetz to : pr.al7rbi : so busy : evil-ksa : Dr.dakota : v4-team.com html body onload=\"document.forms\'Login\'.submit;\" form...

CVE-2010-2508

SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter...

Sql injection

SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter...

CVE-2010-2508

CVE-2010-2508 describes a SQL injection in the 2daybiz Video Community Portal Script, specifically in the file user-profile.php, where the userid parameter can be manipulated by an attacker to execute arbitrary SQL commands. The vulnerability is documented across multiple sources (NVD, Red Hat ad...

CVE-2010-2508

SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remote attackers to execute arbitrary SQL commands via the userid parameter...

2daybiz Video Community Portal SQL Injection

$------------------------------------------------------------------------------------------------------------------- $ 2daybiz Video Community portal"user-profile.php" SQL injection $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.2daybiz.com/videocommunityportalscript.html $...

2DayBiz Video Community Portal - 'user-profile.php' SQL Injection

$------------------------------------------------------------------------------------------------------------------- $ 2daybiz Video Community portal"user-profile.php" SQL injection $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :http://www.2daybiz.com/videocommunityportalscript.html $...

CVE-2009-4894

Multiple cross-site scripting XSS vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 password or 2 e-mail...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 password or 2 e-mail...

CVE-2009-4894

Multiple cross-site scripting XSS vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the 1 password or 2 e-mail...

CVE-2009-4894

PunBB contains multiple XSS vulnerabilities in profile.php prior to version 1.3.4 that allow remote attackers to inject arbitrary scripts via the (1) password or (2) e-mail fields. Red Hat/NVD references confirm the same issue; remediation guidance in the sources is to upgrade to PunBB 1.3.4 or l...

PHPWind 6.0 multiple cross-site scripting vulnerability-vulnerability warning-the black bar safety net

PHPWind is a domestic of the more popular PHP-based Web forum application. PHPWind 在 访客 注销 时 没有 正确 的 过滤 提交 给 hack.php and search.php and read.php and post.php and thread.php and profile.php and sort.php and message.php and userpay. php, etc. page of request parameters, a remote attacker can submi...

PHPWind 6.0 Cross Site Scripting

I found the PHPWind v6.0 just filter the xss code when the visitors login in, but it doesnt do it when login off. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This flaw makes its all the parameters...

Unfixed XSS vulnerability at www.iwdp.co.uk

Security researcher Gamoscu, has submitted on 15/03/2010 a cross-site-scripting XSS vulnerability affecting www.iwdp.co.uk, which at the time of submission ranked 2341561 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/07/2010. It is current...

CVE-2009-4673

CVE-2009-4673 concerns a SQL injection in profile.php of the Mole Group Adult Portal Script, exploitable via the user_id parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands (impact: partial confidentiality, integrity, and availability according to NVD). Public r...

phpMDJ 1.0.3 SQL Injection

,------------------------, Author : k4cp3r/Ablus ^ Date : 05.01.2010 ^ '------------------------' ,--------------------------------------------------------------, Vulnerable Script : phpMDJ 1.0.3 \ Download : http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip \ Vulnerability : Remote Sql Injection ...

phpMDJ 1.0.3 SQL Injection Vulnerability

Exploit for unknown platform in category web applications ======================================== phpMDJ 1.0.3 SQL Injection Vulnerability ======================================== ,--------------------------------------------------------------, Vulnerable Script : phpMDJ 1.0.3 \ Download :...

phpMDJ 1.0.3 - SQL Injection

,--------------------------------------------------------------, Vulnerable Script : phpMDJ 1.0.3 \ Download : http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip \ Vulnerability : Remote Sql Injection \ '--------------------------------------------------------------'...

phpMDJ 1.0.3 - SQL Injection

phpMDJ 1.0.3 - SQL Injection ,--------------------------------------------------------------, Vulnerable Script : phpMDJ 1.0.3 \ Download : http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip \ Vulnerability : Remote Sql Injection \ '--------------------------------------------------------------'...