SkaLinks 1.5 - 'register.php' Arbitrary Add Editor

|| || | || o,7 || . o7 || 4||| ow, : / / . SQL Injection Found by ::: mr.al7rbi Contact ::: n16 at live.com my Group ::: mr.al7rbi team Title: SkaLinks - Link Exchange Script d0rk: 2005. Powered by SkaLinks - Link Exchange Script DESCRIPTION: add admin EXPLOITS:...

SkaLinks 1.5 - register.php Arbitrary Add Editor

SkaLinks 1.5 - register.php Arbitrary Add Editor || || | || o,7 || . o7 || 4||| ow, : / / . SQL Injection Found by ::: mr.al7rbi Contact ::: n16 at live.com my Group ::: mr.al7rbi team Title: SkaLinks - Link Exchange Script d0rk: 2005. Powered by SkaLinks - Link Exchange Script DESCRIPTION: add...

Unfixed XSS vulnerability at www.theshiznit.co.uk

Security researcher PaPPy, has submitted on 09/11/2008 a cross-site-scripting XSS vulnerability affecting www.theshiznit.co.uk, which at the time of submission ranked 254247 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 10/11/2008. It is...

Unfixed XSS vulnerability at www.ultimatexchange.net

Security researcher PaPPy, has submitted on 08/11/2008 a cross-site-scripting XSS vulnerability affecting www.ultimatexchange.net, which at the time of submission ranked 7394931 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/09/2009. It is...

Unfixed XSS vulnerability at www.hitmanslife.com

Security researcher PaPPy, has submitted on 08/07/2008 a cross-site-scripting XSS vulnerability affecting www.hitmanslife.com, which at the time of submission ranked 125464 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/07/2008. It is...

Owl Intranet Engine register.php跨站脚本执行漏洞

BUGTRAQ ID: 30410 CVECAN ID: CVE-2008-3100 Owl Intranet Engine是一种用于多用户维护知识库的基于Web软件。 Owl Intranet Engine没有正确地验证提交给register.php文件输入参数，允许远程攻击者通过提交恶意请求执行跨站脚本攻击。 Owl Intranet Engine = 0.95 Owl --- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://owl.cvs.sourceforge.net/checkout/owl/owl-0.90/lib/owl.lib.php...

Sql injection

SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2008-3359

SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2008-3359

SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2008-3100

Cross-site scripting XSS vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php...

Cross site scripting

Cross-site scripting XSS vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php...

CVE-2008-3100

Cross-site scripting XSS vulnerability in lib/owl.lib.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter in a getpasswd action to register.php...

CVE-2008-3359

SQL injection vulnerability in register.php in Steve Bourgeois and Chris Vincent Owl Intranet Knowledgebase 0.95 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: the provenance of this information is unknown; the details are obtained solely...

CVE-2008-3359

CVE-2008-3359 describes a SQL injection vulnerability in register.php of the Owl Intranet Knowledgebase (version 0.95 and earlier). The underlying issue allows remote attackers to execute arbitrary SQL commands through the username parameter. The vulnerability is documented across multiple source...

esyndicat-xss.txt

eSyndiCat Directory Software Pro 2.2 XSS - Cross-Site Scripting Vulnerability - Vendor : www.esyndicat.com - Platform : PHP - Discovered : by Fugitif My vulnerability is on "register.php" and works this way : http://www.site.com/register.php where...

Unfixed XSS vulnerability at bec.msoe.edu

Security researcher PaPPy, has submitted on 07/05/2008 a cross-site-scripting XSS vulnerability affecting bec.msoe.edu, which at the time of submission ranked 56477 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/05/2008. It is currently...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in 427BB 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to a register.php, b reminder.php, and c search.php; the 2 uname, 3 email, and 4 email2 parameters to register.php; the 5 email parameter to...

427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ===================================================== 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ===================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

427bb 2.3.1 - SQL Injection / Cross-Site Scripting

============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

426bb-sqlxss.txt

============================================================ 427BB 2.3.1 SQL/XSS Multiple Remote Vulnerabilities ============================================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...