71 matches found
Sql injection
SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter...
CVE-2010-5017
SQL injection vulnerability in stats.php in Elite Gaming Ladders 3.0 allows remote attackers to execute arbitrary SQL commands via the account parameter...
CVE-2010-5017
The CVE-2010-5017 entry describes an SQL injection vulnerability in stats.php of Elite Gaming Ladders 3.0, exploitable via the account parameter. The underlying flaw enables remote attackers to execute arbitrary SQL commands, with impact described as partial confidentiality, integrity, and availa...
HLstats 1.35 Cross Site Scripting
------------------------------------------- HLstats 1.35 XSS Exploit Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Description: HLstats 1.35 is vulnerable to XSS in stats.php. PoC:...
Elite Gaming Ladders 3.0 - SQL Injection
Elite Gaming Ladders 3.0 - SQL Injection Exploit Title: Elite Gaming Ladders v3.0 SQL Injection Exploit Date: January 3rd, 2010 Author: Sora Version: 3.0 Tested on: Windows and Linux ---------------------------------------- Elite Gaming Ladders v3.0 SQL Injection Exploit Contact: vhr95zw at hotma...
UCStats 1.1 - SQL Injection
UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Contact: vhr95zw at hotmail dot com Website: http://greyhathackers.wordpress.com/ Google Dork: "Powered by UCStats version 1.1" Vulnerability Description: UCStats version 1.1 suffers a remote SQL injection vulnerability in stats.php...
UCStats v1.1 SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================== UCStats v1.1 SQL Injection Vulnerability ======================================== UCStats 1.1 Remote SQL Injection Vulnerability Author: Sora Google Dork: "Powered by UCStats version 1.1"...
Sql injection
SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter...
CVE-2009-3659
SQL injection vulnerability in file/stats.php in BS Counter 2.5.3 allows remote attackers to execute arbitrary SQL commands via the page parameter...
Bs Counter 2.5.3 SQL Injection
Bs Counter 2.5.3 page Sql İnjectşon Vuln. Bgh7 Turk Bilisim Gucleri Script Downlaod http://scripti.org/indir.php?id=595 Expl0it; http://www.target.com/file/stats.php?page='insert+into+counter+countertitle+values+'HackedByBgh7 tu bi gu' Bingoo ! counter name ediT =...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to 1 admin.php, 2 index.php, 3 sess.php, 4 stats.php, 5 detail.php, 6 resize.php, and 7 show.php. NOTE: the provenance of this...
mcGallery 1.1 - 'stats.php?lang' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in t...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in InterWorx Hosting Control Panel InterWorx-CP Webmaster Level SiteWorx 3.0.2 1 allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to index.php; and allow remote authenticated users to inject arbitrary web script or HT...
mcLinksCounter 1.2 Remote File Include by iNs
App Name : mcLinksCounter 1.2 HomePage: http://www.phpforums.net Vuln type : Remote File Include RFI Vuln Discovered by : iNs BUG: on file stats.php ,login.php ,detail.php : include "$langfile"; PoC: http://www.site.com/path/stats.php?langfile=sH3lLz? iNs @ uNkn0wn.eu Gr33tz t0: uNkn0wn.eu - iD -...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 listmembers.php and 2 stats.php. NOTE: some of these details are obtained from third party information...
CVE-2006-4827
Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the art parameter to 1 admin.php, 2 chart.php, 3 modes.php, or 4 stats.php...
CVE-2006-3517
CVE-2006-3517 describes a PHP remote file inclusion in RW::Download, specifically for the file stats.php, where enabling register_globals allows an attacker to execute arbitrary PHP code by supplying a URL in the root_path parameter. Evidence from the NVD entry confirms the affected software comp...
RW::Download stats.php Remote File Inc.
Title : RW::Download stats.php Remote File Inc. - Site : http://www.Cyber-Warrior.org - Author : StorMBoY - Mail : [email protected] - exploit : http://target/path/stats.php?rootpath=code - Inc. Code : includeonce $ROOTPATH."functions/globalfunctions.php"; - StorMBoY 08.07.2006...
CVE-2006-2532
The CVE-2006-2532 entry concerns Destiney Rated Images Script 0.5.0. The affected component is stats.php where an invalid s parameter can cause an error message to reveal the installation path. The description notes this was initially claimed to be SQL injection, but CVE analysis attributes the i...
topsitesXSS.txt
Xtremescripts Topsites v1.1 Homepage: http://www.xtremescripts.com/topsites.php Description: Xtreme Topsites is a popular topsite PHP script for websites. Most commonly used across anime websites at the moment. The topsite will count hits/clicks in and hits out and will rank them on total hits so...