80 matches found
EUVD-2009-2885
Malware in sbrugna...
EUVD-2009-4935
Malware in sbrugna...
EUVD-2006-2588
Malware in sbrugna...
ourvideo CMS 9.5 rss.php lfi Vulnerabilities
No description provided by source...
Sql injection
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the sqlQuery parameter to search.php, a different issue than CVE-2015-7382...
Article Script 1.6.3 RSS.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20929/info Article Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromis...
Plume CMS 1.0.4 rss.php _PX_config[manager_path] Parameter Remote File Inclusion
No description provided by source...
Loggix Project <= 9.4.5 - Multiple Remote File Include Vulnerability
No description provided by source. In The Name Of Allah Loggix Project = 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...
totalcalendar 2.4 (bsql/lfi) Multiple Vulnerabilities
No description provided by source. TotalCalendar 2.4 bSQL/LFI Multiples Remote Vulnerability Discovered By : Moudi Contact : [email protected]...
CVE-2013-2643
Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inject arbitrary web script or HTML via the (1) xss parameter in an allow action to rss.php, (2) msg parameter to end-user/errdoc.php, (3) h parameter to end-user/ftpredirect.php, or (4)...
ThinkSaas 1.98 /app/group/action/rss.php SQL Injection Vulnerability
No description provided by source...
NTG Haber Yazilim 1 SQL Injection
Exploit Title; NTG Haber Yazilim v1 - SQL Injection Vulnerability Date ; 14/03/12 Author ; 3spi0n Script Vendor ; www.netgenel.net/index/1/ntg-haber-yazilimi-v1.html Script Demo ; http://www.netgenel.net/v1/anasayfa.php Category ; Webapps Type ; Sql Injection Tested on ; Ubuntu / Win7 Script...
CVE-2012-0999
SQL injection vulnerability in modules/news/rss.php in LEPTON before 1.1.4 allows remote attackers to execute arbitrary SQL commands via the groupid parameter...
KaiBB 2.0.1 - SQL Injection
Advisory: KaiBB 2.0.1 XSS and SQL Injection vulnerabilities Advisory ID: SSCHADV2011-027 Author: Stefan Schurtz Affected Software: Successfully tested on KaiBB 2.0.1 Vendor URL: http://code.google.com/p/kaibb/ Vendor Status: informed CVE-ID: - ========================== Vulnerability Description:...
CVE-2011-1062
Multiple cross-site scripting (XSS) vulnerabilities in include/html/header.php in TaskFreak! 0.6.4 allow remote attackers to inject arbitrary web script or HTML via the (1) sContext, (2) sort, (3) dir, and (4) show parameters in a save action to index.php; the (5) dir and (6) show parameters to printlist.php;...
TaskFreak! 0.6.4 - Multiple Cross-Site Scripting Vulnerabilities
TaskFreak! v0.6.4 Multiple Cross-Site Scripting Vulnerabilities Vendor: Stan Ozier Product web page: http://www.taskfreak.com Affected version: 0.6.4 multi-user Summary: TaskFreak! Original is a simple but efficient web based task manager written in PHP. Desc: TaskFreak! suffers from multiple XSS...
CVE-2010-3713
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed...
Design/Logic Flaw
rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the view permission but not the read permission, which allows remote attackers to bypass intended access restrictions by reading a forum feed in combination with a topic feed...
CVE-2009-4973
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action...