7 matches found
Cross-Site Scripting (XSS)
Phpbb is vulnerable to cross-site scripting XSS attacks. The attacks are possible because includes/startup.php does not sanitize the user-supplied input which allows trailing paths to be injected through "Relative Path Overwrite."...
Stylemotion WEB//NEWS 1.4 startup.php Cookie SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14776/info WEB//NEWS is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitatio...
txtSQL 2.2 Final - startup.php Remote File Inclusion
txtSQL 2.2 Final - startup.php Remote File Inclusion ??????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? From The...
txtsql-rfi.txt
┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...
CVE-2007-2774
Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...
PHPGiggle 12.08 (CFG_PHPGIGGLE_ROOT) File Include Vulnerability
No description provided by source. Title : Php Giggle = 12.08 Remote File Include Vulnerability Author : ajann Vuln; File startup.php /File Code,1 startup.php Error: .. .... include$CFGPHPGIGGLEROOT . $CFGMODULEROOT . "/kernel/system/modregistry.inc.php"; include$CFGPHPGIGGLEROOT . $CFGMODULEROOT...
[NewAngels Advisory #5] Stylemotion WEB//NEWS 1.4 Vulnerabilities
NewAngels Advisory 5 Stylemotion WEB//NEWS 1.4 ============================================================================= Software: WEB//NEWS 1.4 Type: SQL Injections, Path Disclosure Risk: High Date: Sep. 1 2005 Vendor: Stylemotion Credit: ======= Robin 'onkelfisch' Verton...