Lucene search
K

99 matches found

seebug.org
seebug.org
added 2008/08/23 12:0 a.m.11 views

NoName Script 1.0 (index.php Page) Local File Inclusion Vulnerability

No description provided by source. + NoName Script 1.0 Local File Inclusion + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz Example : http://localhost/index.php?action=../../../autoexec.bat%00 This will open autoexec.bat...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/08/22 12:0 a.m.16 views

noname-lfi.txt

NoName Script 1.0 Local File Inclusion + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin,ToxicBlood,MesSiAH,xZu,HrN,kemrayz Example : http://localhost/index.php?action=../../../autoexec.bat%00 This will open autoexec.bat...

7.4AI score
Exploits0
CVE
CVE
added 2008/07/10 6:0 p.m.35 views

CVE-2008-3124

CVE-2008-3124 : A SQL injection vulnerability exists in index.php of Mole Group Hotel Script 1.0, allowing remote attackers to inject arbitrary SQL commands via the file parameter. Affected software is Mole Group Hotel Script 1.0 (index.php). The vulnerability enables partial confidentiality, int...

7.5CVSS8.4AI score0.00973EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2008/06/20 11:48 a.m.14 views

Sql injection

SQL injection vulnerability in product.detail.php in Kalptaru Infotech Comparison Engine Power Script 1.0 allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS9.1AI score0.00973EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2008/05/16 12:54 p.m.17 views

Sql injection

SQL injection vulnerability in browseproject.php in Freelance Auction Script 1.0 allows remote attackers to execute arbitrary SQL commands via the pid parameter in a pdetails action...

7.5CVSS9.1AI score0.0101EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/05/16 10:0 a.m.35 views

CVE-2008-2278

The CVE-2008-2278 entry concerns an SQL injection in Freelance Auction Script 1.0, exploitable via the pid parameter in a pdetails action of browseproject.php. The vulnerability enables remote attackers to execute arbitrary SQL commands and has a base CVSS v2 score of 7.5 (HIGH). Affected softwar...

7.5CVSS8.3AI score0.0101EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2008/05/16 10:0 a.m.40 views

CVE-2008-2277

CVE-2008-2277 describes an SQL injection in the web application module: a vulnerability in the file/function detail.php of the Feedback and Rating Script 1.0 . The flaw allows remote attackers to inject arbitrary SQL through the listingid parameter, potentially compromising database contents and ...

7.5CVSS8.4AI score0.0101EPSS
Exploits0References4Affected Software1
0day.today
0day.today
added 2008/04/06 12:0 a.m.25 views

Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability

Exploit for unknown platform in category web applications =============================================================== Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability ===============================================================...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/11/27 12:0 a.m.26 views

amber-lfi.txt

+By CrackersChild+ Script.......: Amber Script 1.0 Download.....: http://rapidshare.com/files/54891799/AmberScript1.0.rar Nulled Author.......: CrackersChild | [email protected] & [email protected] Class........: Local File Inclusion Demo.........:...

7.4AI score
Exploits0
CVE
CVE
added 2007/11/26 10:0 p.m.42 views

CVE-2007-6129

CVE-2007-6129 affects Amber Script 1.0, where a directory traversal flaw in scripts/include/show_content.php allows remote attackers to include and execute arbitrary local files by supplying a .. in the id parameter. In some environments, this can enable remote file inclusion via UNC share paths ...

5.8CVSS7.2AI score0.03224EPSS
Exploits0References7Affected Software1
exploitpack
exploitpack
added 2007/11/24 12:0 a.m.30 views

Amber Script 1.0 - show_content.php?id Local File Inclusion

Amber Script 1.0 - showcontent.php?id Local File Inclusion +By CrackersChild+ Script.......: Amber Script 1.0 Download.....: http://rapidshare.com/files/54891799/AmberScript1.0.rar Nulled Author.......: CrackersChild | [email protected] & [email protected] Class........: Local File...

Exploits0
0day.today
0day.today
added 2007/11/24 12:0 a.m.18 views

Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================================= Amber Script 1.0 showcontent.php id Local File Inclusion Vulnerability ========================================================================= +By CrackersChild+...

7.1AI score
Exploits0
CVE
CVE
added 2007/11/15 10:0 p.m.44 views

CVE-2007-5997

CVE-2007-5997 describes an SQL injection vulnerability in the campaign_stats.php of Softbiz Banner Exchange Network Script 1.0. The issue allows remote authenticated users to execute arbitrary SQL commands via the id parameter. The vulnerability is documented with a Medium base score (CVSS v2: 6....

6.5CVSS7.9AI score0.00869EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2007/08/14 6:17 p.m.10 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter in 1 poll.php and 2 pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable...

7.5CVSS8.1AI score0.01832EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/08/14 6:0 p.m.51 views

CVE-2007-4339

PHPCentral Poll Script 1.0 is affected by multiple PHP remote file inclusion vulnerabilities. The issue allows an attacker to execute arbitrary PHP code by supplying a URL to the _SERVER[DOCUMENT_ROOT] parameter in poll.php and pollarchive.php. The note attributes the underlying cause to a variab...

7.5CVSS7.6AI score0.01832EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2007/02/23 3:28 a.m.15 views

CVE-2006-7034

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter...

7.5CVSS8.2AI score0.01051EPSS
Exploits0References3
CVE
CVE
added 2007/02/23 1:0 a.m.53 views

CVE-2006-7034

CVE-2006-7034 corresponds to an SQL injection in the Super Link Exchange Script 1.0, specifically via the cat parameter in directory.php. The underlying flaw is unsanitized user input in the SQL query construction, enabling remote attackers to execute arbitrary SQL commands. The CVSS v2 base scor...

7.5CVSS8.6AI score0.01051EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/02/23 1:0 a.m.46 views

CVE-2006-7033

The CVE-2006-7033 entry describes a Cross-site Scripting (XSS) vulnerability in Super Link Exchange Script 1.0. The flaw allows remote attackers to inject arbitrary web script or HTML through IMG tags in the search box. This affects the vulnerable component (the search input handling in Super Lin...

6.8CVSS5.9AI score0.01134EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2006/06/30 11:0 p.m.47 views

CVE-2006-3327

The CVE-2006-3327 entry describes a Cross-site scripting (XSS) vulnerability in the Custom dating biz dating script 1.0. The affected components are profile/mini.php (sn20_special_cases parameter, “Special Cases”), profile/photo_create.php (tyxx01_album_name parameter, “Album Name”), and admin/us...

4.3CVSS6AI score0.01275EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder