webalbum-xss.txt

================================================================ WEBAlbum XSS Vulnerabilities POST Variable: id POST Variable: category Greetz: ZeQ3uL, BAD $ectors, Snapter, Conan, Win7dos, JabAv0C...

Wordpress Malicious File Execution Vulnerability

========================================================== Wordpress Malicious File Execution Vulnerability ========================================================== AUTHOR : CWH Underground DATE : 18 May 2008 SITE : www.citecclub.org APPLICATION : Wordpress Blog VERSION : = 2.5.1 VENDOR :...

Sql injection

SQL injection vulnerability in the sections Section module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action...

CVE-2008-1462

SQL injection vulnerability in the sections Section module in RunCMS allows remote attackers to execute arbitrary SQL commands via the artid parameter in a viewarticle action...

CVE-2008-1462

RunCMS is affected in the sections (Section) module where an SQL injection via the artid parameter in a viewarticle action allows remote attackers to execute arbitrary SQL commands. This is evidenced across multiple sources (NVD/NVD mirror and CVE records) describing a SQL injection vulnerability...

RunCMS Module section (artid) Remote SQL Injection Vulnerability

No description provided by source. Cr@zyKing [email protected] / hackshow.us Grtz : CrackersChild - str0ke - 3php - AleminKrali - Eno7 - DreamTurk - TheBekir - Mhzr91 Runcms Module Section artid Remote Sql Ä°nj. Vuln. Example : - modules/sections/index.php?op=viewarticle&artid=Sql - Sql :...

RunCMS Module section - artid SQL Injection

RunCMS Module section - artid SQL Injection Cr@zyKing [email protected] / hackshow.us Grtz : CrackersChild - str0ke - 3php - AleminKrali - Eno7 - DreamTurk - TheBekir - Mhzr91 Runcms Module Section artid Remote Sql Ä°nj. Vuln. Example : - modules/sections/index.php?op=viewarticle&artid=Sql ...

RunCMS Module section (artid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ RunCMS Module section artid Remote SQL Injection Vulnerability ================================================================ email protectedKing Grtz : CrackersChild -...

CVE-2008-0105

Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."...

Unfixed XSS vulnerability at www.iadb.org

Security researcher Stacker, has submitted on 02/11/2008 a cross-site-scripting XSS vulnerability affecting www.iadb.org, which at the time of submission ranked 89873 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/07/2009. It is currently...

Unfixed XSS vulnerability at emo.ru

Security researcher THEMILLER, has submitted on 02/08/2008 a cross-site-scripting XSS vulnerability affecting emo.ru, which at the time of submission ranked 975569 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/01/2009. It is currently...

webmin1390-xss.txt

Aria-Security Team Persian Security Network http://Aria-Security.Net ---------------------------------- Tested on Webmin 1.390 Cross Site Scripting This vuln was tested on Webmin as an administrator account root and it has worked on the search section file of the system. Value Inserted:...

Tested on Webmin 1.390

Aria-Security Team Persian Security Network http://Aria-Security.Net ---------------------------------- Tested on Webmin 1.390 Cross Site Scripting This vuln was tested on Webmin as an administrator account root and it has worked on the search section file of the system. Value Inserted:...

Sql injection

Multiple SQL injection vulnerabilities in PacerCMS 0.6 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to 1 siteadmin/article-edit.php; and unspecified parameters to 2 submitted-edit.php, 3 page-edit.php, 4 section-edit.php, 5 staff-edit.php, and 6...

Gradman 0.1.3 - 'info.php' Local File Inclusion

Software: Gradman = 0.1.3 HomePage: http://gradman.xe1ido.com.mx/ Software: Gradman = 0.1.3 Exploit: Local File Inclusion High Dork: "powered by Gradman" Bug Found By: Syndr0me! site: www.remoteexecution.es Where: info.php?tabla= Greetz: S4nt0!, Yubix, Xarnuz, Chame, Electr0cbax, komtec1, f34r +...

Integer overflow

Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a 1 XBM or 2 XPM file to a IDX.apl or b IDEACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CVE-2007-4344 and CVE-2007-6007. NOTE: these might be...

Cross site scripting

Cross-site scripting XSS vulnerability in Fenriru 1 Sleipnir 2.5.17 R2 and earlier and 2 Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section...

CVE-2007-6002

Cross-site scripting XSS vulnerability in Fenriru 1 Sleipnir 2.5.17 R2 and earlier and 2 Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section...

CVE-2007-6002

Cross-site scripting XSS vulnerability in Fenriru 1 Sleipnir 2.5.17 R2 and earlier and 2 Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section...

CVE-2007-6002

CVE-2007-6002 describes a cross-site scripting (XSS) vulnerability in Fenriru Sleipnir (≤ 2.5.17 R2) and Grani (≤ 3.0). The flaw allows remote attackers to inject arbitrary web script or HTML via the Search field when performing a search for additions to the Favorites section. The connected docum...