myPHPNuke 1.8.8 reviews.php letter Parameter XSS

No description provided by source. !/usr/bin/env python coding: utf-8 from urlparse import urljoin from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '80921' ssvid version = '1.0' author = 'Disorder' vulDate =...

xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php"

No description provided by source. / / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection reviews.php Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link:...

xt:Commerce Gambio 2008-2010 ERROR Based (reviews.php) SQL Injection

Exploit for php platform in category web applications ====================================================================== xt:Commerce Gambio 2008 - 2010 ERROR Based reviews.php SQL Injection ====================================================================== Exploit Title: xt:Commerce Gambi...

xt:Commerce Gambio 2008 - 2010 SQL Injection

/ / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php" Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link: http://www.gambio.de/ Version: 2006 - 2008...

xt:Commerce Gambio 2008 < 2010 - 'reviews.php' Error-Based SQL Injection

/ / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php" Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site : swissfaking.net/board Software Link: http://www.gambio.de/ Version: 2006 - 2008...

xt:Commerce Gambio 2008 2010 - reviews.php Error-Based SQL Injection

xt:Commerce Gambio 2008 2010 - reviews.php Error-Based SQL Injection / / / / / / / / / / // / / / / ///// // Exploit Title: xt:Commerce Gambio 2008 - 2010 ERROR Based SQL Injection "reviews.php" Date: 2010-09-18 Author: secret Contact : [email protected] / ICQ : 17-33-77 Site :...

Sql injection

Multiple SQL injection vulnerabilities in Tourism Script Accommodation Hotel Booking Portal Script allow remote attackers to execute arbitrary SQL commands via the hotelid parameter to 1 hotel.php, 2 details.php, 3 roomtypes.php, 4 photos.php, 5 map.php, 6 weather.php, 7 reviews.php, and 8 book.p...

Sql injection

Multiple SQL injection vulnerabilities in iGaming 1.5 and earlier allow remote attackers to execute arbitrary SQL commands via the browse parameter to 1 previews.php and 2 reviews.php, and the 3 id parameter to index.php in a viewarticle action...

CVE-2007-6164

Multiple SQL injection vulnerabilities in Eurologon CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 reviews.php, 2 links.php and 3 articles.php...

CVE-2006-2979

Multiple cross-site scripting XSS vulnerabilities in ViArt Shop Free 2.5.5, and possibly other distributions including Light, Standard, and Enterprise, allow remote attackers to inject arbitrary web script or HTML via the 1 forumid parameter in forum.php, which is not properly handled in...

CVE-2005-1803

CVE-2005-1803 affects Net Portal Dynamic System (NPDS) 5.0. The description lists multiple XSS vectors: via the language parameter to admin.php or powerpack_f.php; the sitename parameter to sdv_infos.php; the categories parameter to faq.php; the lettre parameter to the glossaire module; the title...

CVE-2005-1803

Multiple cross-site scripting XSS vulnerabilities in Net Portal Dynamic System NPDS 5.0 allow remote attackers to inject arbitrary web script or HTML via the language parameter to 1 admin.php, or 2 powerpackf.php, 3 the sitename parameter to sdvinfos.php, 4 the categories parameter to faq.php, 5...

Another bug in phpNuke

Yes, i have found some bugs also... You can execute artibility mysql statments in many of its different scripts... reviews.php for example.. The parmenter with the id reviews.php?id=blah think doesn't check... so you can simply do reviews.php?id=12345 or ........ blah blah blah I don't think its...