Directory traversal

Directory traversal vulnerability in the JExtensions JE Section/Property Finder jesectionfinder component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Online Photo Pro 2.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...

Joomla Health & Fitness Stats Persistent XSS Vulnerability

Exploit for php platform in category web applications ========================================================== Joomla Health & Fitness Stats Persistent XSS Vulnerability ==========================================================...

Joomla EasyBlog Persistent XSS Vulnerability

Exploit for php platform in category web applications ============================================ Joomla EasyBlog Persistent XSS Vulnerability ============================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, ...

Joomla! Component EasyBlog - Persistent Cross-Site Scripting

Name : Joomla EasyBlog Persistent XSS Vulnerability Date : july 12,2010 Critical Level : HIGH vendor URL :http://stackideas.com/products/easyblog.html Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,MA1201,KeDar,Sonic,gunslinger greetz to...

CVE-2010-2680

The CVE-2010-2680 issue affects Joomla! via the JExtensions JE Section/Property Finder (jesectionfinder) component, described as a directory traversal (Local File Inclusion) vulnerability. An attacker can exploit the view parameter to index.php to include and execute arbitrary local files. Exploi...

CVE-2010-2680

Directory traversal vulnerability in the JExtensions JE Section/Property Finder jesectionfinder component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php...

CVE-2009-4934

Cross-site scripting XSS vulnerability in index.php in Online Photo Pro 2.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...

Sijio Community Software - SQL Injection / Persistent Cross-Site Scripting

I'm SiD3^effects member from Inj3ct0r Team Support e-mail : submitatinj3ct0r.com Name : Sijio Community Software SQLi/Persistent XSS Vulnerability Date : july, 7 2010 Critical Level : HIGH Vendor Url : http://www.sijio.com/ Google Dork: © Powered by sijio - Community Software Author : Sid3^effect...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 tipo or 2 destino parameter to loginregistrese.php3 in the Services section, 3 the rubro parameter to precios.php3 in the Products section, 4...

Joomla JE Section Finder Local File Inclusion

================================================ Joomla jesectionfinder LFI Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //...

Joomla Joomdocs Cross Site Scripting

======================================= Joomla comjoomdocs XSS Vulnerability ======================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database...

Joomla Component com_joomdocs XSS Vulnerability

Exploit for php platform in category web applications =============================================== Joomla Component comjoomdocs XSS Vulnerability =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0...

CVE-2010-1932

Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap MBM file with a Paint Data Section that contains a malformed Encoding field...

Heap overflow

Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute arbitrary code via a MultiBitMap MBM file with a Paint Data Section that contains a malformed Encoding field...

SchoolMation 2.3 SQL Injecton / Cross Site Scripting

==================================================== SchoolMation Version 2.3 SQLi and XSS Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //...

Unfixed XSS vulnerability at www.paktribune.com

Security researcher malwarrior, has submitted on 06/10/2010 a cross-site-scripting XSS vulnerability affecting www.paktribune.com, which at the time of submission ranked 87624 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/12/2011. It is...

SchoolMation 2.3 - SQL Injection Cross-Site Scripting

SchoolMation 2.3 - SQL Injection Cross-Site Scripting ==================================================== SchoolMation Version 2.3 SQLi and XSS Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /...

SchoolMation 2.3 - SQL Injection / Cross-Site Scripting

==================================================== SchoolMation Version 2.3 SQLi and XSS Vulnerability ==================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //...

Simple to Use Property Management System SQLi & XSS Vulnerability

Exploit for php platform in category web applications ================================================================= Simple to Use Property Management System SQLi & XSS Vulnerability ================================================================= Author: L0rd CrusAd3r aka VSN email protected...