EUVD-2005-4007

Malware in sbrugna...

CVE-2017-9764

Cross-site scripting XSS vulnerability in MetInfo 5.3.17 allows remote attackers to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in a para action...

CVE-2014-9453

The CVE-2014-9453 entry concerns multiple cross-site scripting (XSS) flaws in the Simple visitor stat WordPress plugin, specifically in simple-visitor-stat.php. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML through the HTTP User-Agent or HTTP Referer headers. T...

Code injection

stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php...

CVE-2008-0390

CVE-2008-0390 affects AuraCMS 1.62 and Mod Block Statistik for AuraCMS. The vulnerability is a remote code-injection via the X-Forwarded-For header in a stat action to index.php, allowing an attacker to inject arbitrary PHP code into online.db.txt and later execute online.db.txt through a crafted...

AuraCMS 1.62 - 'stat.php' Remote Code Execution

!/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 - stat.php Remote Code Execution Exploit Waktu : Jan 16 2008 10:00PM Software : AuraCMS 1.62 AuraCMS Mod Block Statistik | http://iwan.or.id/download/lihat/1/2-1-6.html Vendor :...

auracms-exec.txt

!/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 - stat.php Remote Code Execution Exploit Waktu : Jan 16 2008 10:00PM Software : AuraCMS 1.62 AuraCMS Mod Block Statistik | http://iwan.or.id/download/lihat/1/2-1-6.html Vendor :...

AuraCMS 1.62 (stat.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 1.62 - stat.php Remote Code Execution Exploit Waktu : Jan 16 2008 10:00PM Software : AuraCMS 1.62 ...

AuraCMS 1.62 (stat.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ===================================================== AuraCMS 1.62 stat.php Remote Code Execution Exploit ===================================================== !/usr/bin/perl Indonesian Newhack Security Advisory...

CVE-2005-3959

CVE-2005-3959 affects FreeWebStat 1.0 rev37. It describes multiple cross-site scripting (XSS) vulnerabilities where user-supplied input in the (1) site, (2) jsref, (3) jsres, (4) jscolor parameters to pixel.php and (5) the search key to stat.php are echoed into logdb.html without sanitization. Th...

CVE-2005-3959

Multiple cross-site scripting XSS vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the 1 site, 2 jsref, 3 jsres, and 4 jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and 5 the search...

CVE-2005-3959

Multiple cross-site scripting XSS vulnerabilities in FreeWebStat 1.0 rev37 allow remote attackers to inject arbitrary web script or HTML via the 1 site, 2 jsref, 3 jsres, and 4 jscolor parameters to pixel.php, which are not sanitized before being included in the logdb.html file, and 5 the search...