157 matches found
pyorahuolto.com XSS vulnerability
Vulnerable URL: http://www.pyorahuolto.com/taulu/show.php?n=11%22--%3E%3C/script%3E%3Csvg/onload=%27;alert%28/OPENBUGBOUNTY/%29;%27%3E Details: Patched: No; Latest check for patch: 26.07.2017; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank...
mcGallery 'lang' Parameter Multiple Cross Site Scripting Vulnerabilities
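Background: PhpForums.net mcGallery is a script tool for managing website images. Type: XSS. Impact: arbitrary web script or HTML can be injected. Analysis: PhpForums.net mcGallery version 1.1 contains multiple cross-site scripting vulnerabilities. Remote attackers can inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, (7) show.php...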
tsmim Lessons Library (show.php) SQL Injection
No description provided by source. tsmim lessons library sql injection Vulnerabilities. Exploit Title: tsmim lessons library sql...
68kb multi remote file include
No description provided by source. Topic : 68kb Bug type : multi remote file include Download : http://68kb.googlecode.com/files/68kb-v1.0.0rc2.zip Advisory :...
FaScript FaPhoto 1.0 - (show.php id) SQL Injection Vulnerability
No description provided by source. AUTHOR : IRCRASH Dr.Crash Script Download : http://en.fascript.com/en.faphoto.zip Injection Address : http://Sitename/faname/show.php?id=SqL Code Help : In This Script Admin Username and Password Save in ./admin/pconfig.php You can open this file with loadfile...
gencms 2006 Multiple Vulnerabilities
No description provided by source. GenCMS http://gencms.berlios.de/ eLwauxc2009 LFI /show.php 18: $param = $_GET['p']; 19: if(empty($param)) $param = 'news'; 20: //get right page 21: //$page =...
FaScript FaPersianHack 1.0 - (show.php) SQL Injection Vulnerability
No description provided by source. FaScript FaPersianHack v1 Remote Sql Injection BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://fascript.com/fapersianhack.zip Injection Address : http://Sitename/ph/show.php?id=SqL Code Help : In This Script Admin Username and Password Save in...
phpaaCms 0.3.1 - (show.php?id=) SQL Injection Vulnerability
No description provided by source...
FaScript FaMp3 1.0 - (show.php) Remote SQL Injection Vulnerability
No description provided by source...
GeeCarts - show.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28470/info GeeCarts is prone to multiple input-validation vulnerabilities, including remote file-include and cross-site scripting issues, because it fails to sufficiently sanitize user-supplied data. Exploiting these issu...
Palms 3.6 SQL Injection
Dr.3v1l, WebSecurity.IR. Y! : Doctor.3v1l. I'm 3v1l member from BlackDevils B0ys Team...
CVE-2012-3997
Multiple cross-site scripting (XSS) vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to inject arbitrary web script or HTML via the (1) pasteuser or (2) pastelang parameter to (a) list.php or (b) show.php...
Kolifa Haber Script 1.3 SQL Injection
Exploit Title: Kolifa Haber Script 1.3 SQL Date: 08.10.2011 - 20:36 Author: Mr.PaPaRoSSe Download Script: http://scripti.org/demo.php?id=97 Tested On: BackTrack 5 - Windows xp sp3 Platform: Php Vuln file : show.php Exploit: http://localhost/haberpro/kategorigoster.php?katid=SQL injection Panel:...
Tsmim Lessons Library - show.php SQL Injection
tsmim lessons library sql injection Vulnerabilities. Exploit Title: tsmim lessons...
tsmim Lessons Library (show.php) SQL Injection
Exploit for php platform in category web applications. tsmim lessons library sql injection Vulnerabilities. Exploit Title: tsmim...
Information disclosure
DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files...
eWRC.cz Portal SQL Injection
eWRC.cz Portal. Exploit database separated by exploit type (local, remote, DoS, etc.). Site : 1337db.com. Support e-mail : submit[at]1337db.com. I'm KnocKout 1337 Member from 1337 DataBase...
68KB 1.0.0rc4 - Remote File Inclusion
68KB v1.0.0rc4 Remote File Include Vulnerability. Vendor: http://68kb.com download: http://github.com/68designs/68KB/downloads Author: eidelweiss Contact:...
Sql injection
SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the id parameter...
CVE-2010-2719
In the provided documents, phpaaCMS shows a SQL injection in show.php via the id parameter (version 0.3.1 UTF-8; potentially other versions). The root cause is improper input handling that allows remote attackers to execute arbitrary SQL commands. The OpenVAS entry explicitly notes multiple SQL i...