99 matches found
NoName Script 1.0 (index.php Page) Local File Inclusion Vulnerability
No description provided by source. + NoName Script 1.0 Local File Inclusion + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz Example : http://localhost/index.php?action=../../../autoexec.bat%00 This will open autoexec.bat...
noname-lfi.txt
NoName Script 1.0 Local File Inclusion + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz Example : http://localhost/index.php?action=../../../autoexec.bat%00 This will open autoexec.bat...
CVE-2008-3124
CVE-2008-3124 : A SQL injection vulnerability exists in index.php of Mole Group Hotel Script 1.0, allowing remote attackers to inject arbitrary SQL commands via the file parameter. Affected software is Mole Group Hotel Script 1.0 (index.php). The vulnerability enables partial confidentiality, int...
Sql injection
SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Sql injection
SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action...
CVE-2008-2278
The CVE-2008-2278 entry concerns an SQL injection in Freelance Auction Script 1.0, exploitable via the pid parameter in a pdetails action of browseproject.php. The vulnerability enables remote attackers to execute arbitrary SQL commands and has a base CVSS v2 score of 7.5 (HIGH). Affected softwar...
CVE-2008-2277
CVE-2008-2277 describes an SQL injection in the web application module: a vulnerability in the file/function detail.php of the Feedback and Rating Script 1.0 . The flaw allows remote attackers to inject arbitrary SQL through the listingid parameter, potentially compromising database contents and ...
Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
Exploit for unknown platform in category web applications =============================================================== Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability ===============================================================...
amber-lfi.txt
+By CrackersChild+ Script.......: Amber Script 1.0 Download.....: http://rapidshare.com/files/54891799/AmberScript1.0.rar Nulled Author.......: CrackersChild | [email protected] & [email protected] Class........: Local File Inclusion Demo.........:...
CVE-2007-6129
CVE-2007-6129 affects Amber Script 1.0, where a directory traversal flaw in scripts/include/show_content.php allows remote attackers to include and execute arbitrary local files by supplying a .. in the id parameter. In some environments, this can enable remote file inclusion via UNC share paths ...
Amber Script 1.0 - show_content.php?id Local File Inclusion
Amber Script 1.0 - showcontent.php?id Local File Inclusion +By CrackersChild+ Script.......: Amber Script 1.0 Download.....: http://rapidshare.com/files/54891799/AmberScript1.0.rar Nulled Author.......: CrackersChild | [email protected] & [email protected] Class........: Local File...
Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ========================================================================= Amber Script 1.0 showcontent.php id Local File Inclusion Vulnerability ========================================================================= +By CrackersChild+...
CVE-2007-5997
CVE-2007-5997 describes an SQL injection vulnerability in the campaign_stats.php of Softbiz Banner Exchange Network Script 1.0. The issue allows remote authenticated users to execute arbitrary SQL commands via the id parameter. The vulnerability is documented with a Medium base score (CVSS v2: 6....
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter in 1 poll.php and 2 pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable...
CVE-2007-4339
PHPCentral Poll Script 1.0 is affected by multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to execute arbitrary PHP code by supplying a URL to the _SERVER[DOCUMENT_ROOT] parameter in poll.php and pollarchive.php. The note attributes the underlying cause to a variab...
CVE-2006-7034
SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter...
CVE-2006-7034
CVE-2006-7034 corresponds to an SQL injection in the Super Link Exchange Script 1.0, specifically via the cat parameter in directory.php. The underlying flaw is unsanitized user input in the SQL query construction, enabling remote attackers to execute arbitrary SQL commands. The CVSS v2 base scor...
CVE-2006-7033
The CVE-2006-7033 entry describes a Cross-site Scripting (XSS) vulnerability in Super Link Exchange Script 1.0. The flaw allows remote attackers to inject arbitrary web script or HTML through IMG tags in the search box. This affects the vulnerable component (the search input handling in Super Lin...
CVE-2006-3327
The CVE-2006-3327 entry describes a Cross-site scripting (XSS) vulnerability in the Custom dating biz dating script 1.0. The affected components are profile/mini.php (sn20_special_cases parameter, “Special Cases”), profile/photo_create.php (tyxx01_album_name parameter, “Album Name”), and admin/us...