CVE-2008-5668

Multiple cross-site scripting XSS vulnerabilities in Textpattern aka Txp CMS 4.0.5 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to setup/index.php or 2 the name parameter to index.php in the comments preview section...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Textpattern aka Txp CMS 4.0.5 allow remote attackers to inject arbitrary web script or HTML via 1 the PATHINFO to setup/index.php or 2 the name parameter to index.php in the comments preview section...

Availscript Classmate File Upload

Availscript Classmate Script Remote File Upload Vulnerability ---------------------------------------------------------- Discovered By: S.W.A.T. [email protected] Home: www.batlagh.com Script Page: http://www.availscript.com/classmatescript.php...

Availscript Classmate Script Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ============================================================= Availscript Classmate Script Remote File Upload Vulnerability ============================================================= Availscript Classmate Script Remote File Upload...

Social Groupie SQL Injection

|| || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

Social Groupie - create_album.php Arbitrary File Upload

Social Groupie - createalbum.php Arbitrary File Upload || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | |...

Social Groupie - 'create_album.php' Arbitrary File Upload

|| || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

Cross site scripting

Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...

CVE-2008-5271

Cross-site scripting XSS vulnerability in index.php in Fred Stuurman SyndeoCMS 2.6.0 allows remote attackers to inject arbitrary web script or HTML via the section parameter...

Unfixed XSS vulnerability at www.sparkfun.com

Security researcher SaMTHG, has submitted on 23/10/2008 a cross-site-scripting XSS vulnerability affecting www.sparkfun.com, which at the time of submission ranked 30494 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/09/2009. It is currentl...

ParsaWeb CMS (Search) Remote SQL Injection Vulnerability

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: ParsaWeb CMS SQL Injection Vendor: http://www.parsagostar.com Demo: http://cms.parsagostar.com/ Exploit: Available Impact: High Fix: N/A Original advisory: http://www.bugreport.ir/index53.htm 1. Descriptio...

CVE-2008-4194

The pexecquery function in src/dnsquery.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service daemon crash via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."...

CVE-2008-2818

Directory traversal vulnerability in Easy-Clanpage 3.0 b1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the section parameter to the default URI...

NiTrO Web Gallery <= 1.4.3 (section) Remote SQL Injection Vulnerability

No description provided by source. Viva IslaM Viva IslaM Remote SQL Injection Vulnerability NiTrO Web Gallery V1.3 - V1.4- V1.41 - 1.42 - V1.43 albums.php section AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : NiTrO Web Gallery Versions : V1.3 - V1....

Nitro Web Gallery 1.4.3 - section SQL Injection

Nitro Web Gallery 1.4.3 - section SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability NiTrO Web Gallery V1.3 - V1.4- V1.41 - 1.42 - V1.43 albums.php section AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : NiTrO Web Gallery Versions...

Family Connections CMS 1.4 - Multiple SQL Injections

Family Connections CMS 1.4 - Multiple SQL Injections ========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ==========================================================================...

Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. ========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================== ,--^----------,--------,-----,-------^-...

Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================...

Family Connections CMS 1.4 - Multiple SQL Injections

========================================================================== Family Connections CMS 1.4 Multiple Remote SQL Injection Vulnerabilities ========================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

CVE-2008-2698

Multiple cross-site scripting XSS vulnerabilities in photoadd-c.php aka the "add comment" section in WEBalbum 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 comment, 2 id, or 3 category parameter...