54 matches found
CsForum v0.8 - Cross Site Scripting Vulnerability
Document Title: CsForum v0.8 - Cross Site Scripting Vulnerability; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=496; Release Date: 2012-04-04; Vulnerability Laboratory ID (VL-ID): 496; Produ...
PHPWind 6.0 multiple cross-site scripting vulnerabilities - vulnerability warning - the black bar safety net
PHPWind is one of the more popular domestic PHP-based web forum applications. When a visitor logs out, PHPWind does not correctly filter the request parameters submitted to hack.php, search.php, read.php, post.php, thread.php, profile.php, sort.php, message.php, userpay.php and other pages; a remote attacker can submi...
PHPWind 6.0 Cross Site Scripting
I found the PHPWind v6.0 just filters the XSS code when the visitors log in, but it doesn't do it when they log off. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This flaw makes its all the parameters...
SQL injection
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-4204
SQL injection vulnerability in read.php in Flashlight Free Edition allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2009-4204
Flashlight Free Edition is affected by a remote SQL injection in the read.php handler, exploitable via the id parameter. The issue is described as allowing an attacker to execute arbitrary SQL commands and is associated with the vulnerability entry CVE-2009-4204. Public references (e.g., Exploit-...
CVE-2009-3750
SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter...
SQL injection
SQL injection vulnerability in read.php in ToyLog 0.1 allows remote attackers to execute arbitrary SQL commands via the idm parameter...
CVE-2009-3750
CVE-2009-3750 is a confirmed SQL injection vulnerability in ToyLog 0.1, exploitable via read.php through the idm parameter. The NVD entry describes remote arbitrary SQL execution with a CVSS v2 base score of 7.5 (HIGH), indicating partial confidentiality, integrity, and availability impact. Conne...
Flashlight Free Edition Local File Inclusion / SQL Injection
Flashlight Free Edition - LFI/SQL Multiple Remote Vul RATM: "All hell can't stop us now!" --Author : k4m1k451 --E-mail :...
Flashlight Free Edition (LFI/SQL) Multiple Remote Vulnerabilities
No description provided by source. Flashlight Free Edition - LFI/SQL Multiple Remote Vul RATM: "All hell can't stop us now!" ...
flashlight free edition - Local File Inclusion SQL Injection
flashlight free edition - Local File Inclusion SQL Injection Flashlight Free Edition - LFI/SQL Multiple Remote Vul RATM: "All hell can't stop us now!"...
BlogMan 0.45 Multiple Vulnerabilities
Salvatore "drosophila" Fresta; Application: BlogMan http://sourceforge.net/projects/blogman/; Version: 0.45; Bug: Multiple SQL Injection, Authentication Bypass, Privilege Escalation; Exploitation: Remote; Date: 1 Mar 2009; Discovered by: Salvatore "drosophila" Fresta; Author: Salvatore "drosophila" Fresta...
SebracCMS 0.4 - Multiple SQL Injections
SebracCMS 0.4 - Multiple SQL Injections Name: SebracCMS Website: http://www.sebrac.netsons.org/cms/ Vulnerability type: SQL Injection Author: shinmai, 2008-06-28 Description: SebracCMS contains two major SQL injection vulnerabilities: Unsanitized POST-variables in SQL queries when logging users i...
SebracCMS <= 0.4 Multiple SQL Injection Vulnerabilities
No description provided by source. Name: SebracCMS Website: http://www.sebrac.netsons.org/cms/ Vulnerability type: SQL Injection Author: shinmai, 2008-06-28 Description: SebracCMS contains two major SQL injection vulnerabilities: Unsanitized POST-variables in SQL queries when logging users in. Th...
SebracCMS <= 0.4 Multiple SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications. SebracCMS <= 0.4 Multiple SQL Injection Vulnerabilities. Name: SebracCMS Website: http://www.sebrac.netsons.org/cms/ Vulnerabilit...
SQL injection
SQL injection vulnerability in read.php in Advanced Links Management ALM 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter...
CVE-2008-2529
SQL injection vulnerability in read.php in Advanced Links Management ALM 1.5.2 allows remote attackers to execute arbitrary SQL commands via the catId parameter...
PHP Visit Counter <= 0.4 (datespan) SQL Injection Vulnerability
No description provided by source. PHP Visit Counter <= 0.4 - SQL Injection Vulnerability Vulnerability discovered by: LidlosesAuge Greetz to: -=Player=- , Suicide, g4ms3, enco, GPM, Free-Hack, Ciphercrew, h4ck-y0u Date: ...