80 matches found
SQL injection
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action...
CVE-2009-4973
TotalCalendar 2.4 is affected by a SQL injection in rss.php, exploitable via the selectedCal parameter in a SwitchCal action. The vulnerability allows remote attackers to execute arbitrary SQL commands. CVSS v2 base score 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P). Referenced exploit appears at Exploit-DB ...
CVE-2009-4973
SQL injection vulnerability in rss.php in TotalCalendar 2.4 allows remote attackers to execute arbitrary SQL commands via the selectedCal parameter in a SwitchCal action...
CVE-2010-1093
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action...
CVE-2010-1093
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action...
CVE-2010-1093
CVE-2010-1093 details: Affected product: 1024 CMS 2.1.1. The vulnerability is a SQL injection in rss.php when magic_quotes_gpc is disabled, allowing remote attackers to execute arbitrary SQL commands via the id parameter in a vp action. This is the explicit root cause described in connec...
Thelia 1.4.2.1 Cross Site Scripting
Exploit Title: Thelia Date: 17/01/2010 Author: EsSandRe Software Link: http://www.thelia.fr/fichiers/thelia1.4.2.1.zip Version: 1.4.2.1 Tested on: / XSS vulnerability in the POST variable 'motcle' http://localhost/recherche.php A second one in the "ref" variable in the...
Bitrix Site Manager Remote File Inclusion
Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bug, but I just write this exploit under perl module...
Bitrix Site Manager Multiple Remote File Include Vulnerability
No description provided by source. + Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bug, but I just...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Loggix Project 9.4.5 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the pathToIndex parameter to (1) Calendar.php, (2) Comment.php, (3) Rss.php and (4) Trackback.php in lib/Loggix/Module/; and (5)...
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. In The Name Of Allah Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog :...
Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications. Loggix Project <= 9.4.5 Multiple Remote File Inclusion Vulnerabilities. In The Name Of Allah Loggix...
Loggix Project 9.4.5 - Multiple Remote File Inclusions
In The Name Of Allah Loggix Project <= 9.4.5 Multiple Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/loggix/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog : http://sh3ll4u.blogspot.com Dork : No DoRk f0R ScRipT...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php...
SQL injection
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php...
Cross-site scripting
Multiple cross-site scripting (XSS) vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to inject arbitrary web script or HTML via the cat parameter to (1) rss.php and (2) opml.php...
CVE-2009-3190
Multiple SQL injection vulnerabilities in PAD Site Scripts 3.6 allow remote attackers to execute arbitrary SQL commands via the (1) search parameter to list.php and (2) cat parameter to rss.php...
TotalCalendar 2.4 (bSQL/LFI) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. TotalCalendar 2.4 bSQL/LFI Multiple Remote Vulnerabilities...
totalcalendar 2.4 - Blind SQL Injection / Local File Inclusion
TotalCalendar 2.4 bSQL/LFI Multiples Remote Vulnerability Discovered By : Moudi Contact : Download :...
totalcalendar 2.4 - Blind SQL Injection Local File Inclusion
totalcalendar 2.4 - Blind SQL Injection Local File Inclusion. TotalCalendar 2.4 bSQL/LFI Multiples Remote Vulnerability Discovered By : Moudi...