AuraCMS 1.5rc Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== AuraCMS 1.5rc Multiple Remote SQL Injection Vulnerabilities =========================================================== AuraCMS version 1.5rc - Multiple Remote SQL Injection...

RunCMS < 1.5.3 debug_show.php Multiple Vulnerabilities

The installed version of RunCMS fails to validate input to the 'class/debug/debugshow.php' script. An unauthenticated attacker may be able to leverage this issue to manipulate SQL queries or to determine information about local files on the affected host. %NASLMINLEVEL 70300 C Tenable Network...

Project Server 2003 - Credential Disclosure

============================================================== Project Server 2003 - Credential Disclosure [email protected] ============================================================== Microsoft Project server 2003 implements a thick client for some of the functionality. The...

XennoBB.txt

--------------------- SUMMARY --------------------- Name: XennoBB "birthday" SQL Injection 6/8/2006 Vendor / Product: XennoBB Group http://www.xennobb.com/ Description: The world's most revolutionary and easy to use bulletin board. Revolutionary because it redefines the boundaries of usability an...

Design/Logic Flaw

fusionZONE couponZONE 4.2 allows remote attackers to obtain the full path of the web server, and other sensitive information, via invalid values, as demonstrated using manipulations associated with SQL...

CVE-2006-1432

fusionZONE couponZONE 4.2 allows remote attackers to obtain the full path of the web server, and other sensitive information, via invalid values, as demonstrated using manipulations associated with SQL...

CVE-2006-1432

The CVE-2006-1432 entry concerns fusionZONE couponZONE 4.2, where remote attackers can disclose server file paths and other sensitive info through manipulated inputs that trigger SQL-based inference. Root cause: improper input handling allowing SQL manipulation leading to information disclosure. ...

Geeklog 1.3.7sr1 and below multiple vulnerabilities.

Products: Geeklog 1.3.7sr1 and below http://www.geeklog.net Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: Geeklog 1.3.7sr1 and below...

geeklog.txt

Products: Geeklog 1.3.7sr1 and below http://www.geeklog.net Date: 29 May 2003 Author: pokleyzz Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: Geeklog 1.3.7sr1 and below multiple vulnerabilities. Descripti...

Voxel Dot Net CBms 0.x - Multiple Code Injection Vulnerabilities

source: https://www.securityfocus.com/bid/4957/info It has been reported that multiple vulnerabilities exist in CBMS. Reportedly, it is possible to inject both JavaScript and SQL code into the system. It may be possible to execute script code within the context of the site as an authenticated...

Snitz Forums 2000 remote SQL query manipulation vulnerability

vulnerable ---------- Product : Snitz Forums 2000 Version : 3.3 3.3.01 3.3.02 3.3.03 last stable version Object : members.asp Class : Input validation error remote SQL query manipulation vulnerability Vendor-URL : http://forum.snitz.com/ Vendor-Status : informed, not patched Remote-Exploit : yes...