Sql injection

Multiple SQL injection vulnerabilities in index.php in ProfileCMS 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter in a 1 codes action in the profile-codes module, 2 videos action in the video-codes module, or 3 games action in the arcade-games module...

ProfileCMS 1.0 - 'id' SQL Injection

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...

Unrestricted file upload

Unrestricted file upload vulnerability in the profiles script in ProfileCMS 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving creation of a profile...

ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit

No description provided by source. ProfileCMS v1.0 Shell Upload Exploit Demo : http://slrate.com/ You can direct upload PHP shell instead of image while creating profile at this script, For example http://slrate.com/profiles here you can direct upload shell instead of images. Dorks : "Total...