TT Guest Post Submit 1.0.0 - tt-guest-post-submit-submit.php rootpath Parameter Remote File Inclusion

The TT Guest Post Submit WordPress plugin was affected by a tt-guest-post-submit-submit.php rootpath Parameter Remote File Inclusion security vulnerability...

WordPress TT Guest Post Submit Plugin <= 1.0.0 - Remote File Inclusion

This plugin is prone to a tt-guest-post-submit-submit.php rootpath parameter remote file inclusion vulnerability. Solution Upgrade this plugin...

CVE-2014-5109

SQL injection vulnerability in maint/modules/endpointcfg/endpointgeneric.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action...

CVE-2014-4194

SQL injection vulnerability in zerotransactarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a Submit Comment action...

Sql injection

SQL injection vulnerability in zerotransactarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a Submit Comment action...

CVE-2014-4194

SQL injection vulnerability in zerotransactarticle.php in ZeroCMS 1.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a Submit Comment action...

Basit 1.0 Submit Module Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7139/info A cross-site scripting vulnerability has been reported for Basit. This vulnerability occurs due to insufficient sanitization of some user-supplied input. As a result of this deficiency an attacker may exploit th...

PHPSelect Submit-A-Link HTML Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17348/info Submit-A-Link is prone to an HTML-injection vulnerability. The script fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML and script code woul...

LoveCMS 1.6.2 - CSRF Code Injection Vulnerability

No description provided by source. Exploit Title : LoveCMS 1.6.2 - CSRF Code Injection Vulnerability Script : LoveCMS 1.6.2 Language : PHP Download : http://sourceforge.net/project/showfiles.php?groupid=168535 Date : 2010/12/27 Dork : Powered by LoveCMS Found : by hiphop contact me...

Cpanel 11.x - Edit E-mail Cross Site Request Forgery exploit

No description provided by source. Exploit Title: Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit Date: 22 - 10 - 2010 Author: Mon7rF Mail : [email protected] Tested on: Windows 7 -------------------------------------------------------------------------------------- form onsubmit=return...

Maxwebportal <= 1.36 password.asp Change Password Exploit (2 - php)

No description provided by source. ?php / ------Trap-Set Underground Hacking Team-----------------mhp0rtal---------------------- Greetz to : Alphaprogrammer , Oilkarchack , Str0ke And Iranian Hacking & Security Teams : Alphast , IHS Team , Shabgard Security Team , Emperor Hacking TEam , CrouZ...

2DayBiz Matrimonial Script SQL Injection and Cross Site Scripting

No description provided by source. $------------------------------------------------------------------------------------------------------------------- $ 2daybiz Matrimonial Script SQL Injection and Cross Site Scripting Vulnerabilities $ Author : Sangteamtham $ Home : Hcegroup.net $ Download :...

Mambo com_koesubmit 1.0.0 - Remote File Inclusion

No description provided by source. Mambo comkoesubmit 1.0.0 Remote File Inclusion Author : Don Tukulesto rootatindonesiancoderdotcom Homepage : http://www.indonesiancoder.com Date : Friday, Semptember 18, 2009...

e107 0.7.5 Subject field HTML injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18560/info The e107 CMS is prone to an HTML-injection vulnerability. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site whe...

Wordpress all_in_one_carousel Plugin /XSS/CSRF/ Vuln

Exploit : centerbWordpress allinonecarousel Plugin Xss & Csrf Vulnerability /centerbrbr html head titleWordpress allinonecarousel Plugin Xss & Csrf Vulnerability IeDb TeaM/title /headbody form action="http://YourTarget.Com" id="formid" method="post" input name="name"...

WiFiles HD v1.3 iOS - File Include Web Vulnerability

Document Title: =============== WiFiles HD v1.3 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1214 Release Date: ============= 2014-02-21 Vulnerability Laboratory ID VL-ID: ==================================== 1214...

shopex ctl. member. php file SQL injection vulnerability-vulnerability warning-the black bar safety net

Issql injectionvulnerability testing version: shopex-singel-4.8.5.78660 File:\core\shop\controller\ctl.member.php function delTrackMsg if! empty$POST'deltrack' $oMsg = &$this-system-loadModel'resources/msgbox'; $oMsg-delTrackMsg$POST'deltrack'; $this-splash'success',...

Social Site Generator 2.2 - CSRF Add Admin Exploit

Exploit for php platform in category web applications Exploit Title: social generator Remote Add Admin Exploit Date: 02/05/2013 Author: Fallaga Script url:www.socialsitegeneratorscript.com Version: 2.2 Tested on: Windows CVE : Dork: inurl:myprofile.php?userid=MTM= Username: Password:...

Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)

Exploit Title: social generator Remote Add Admin Exploit Date: 02/05/2013 Author: Fallaga Script url:www.socialsitegeneratorscript.com Version: 2.2 Tested on: Windows CVE : Dork: inurl:myprofile.php?userid=MTM= Username: Password:...

Multiple Vulnerabilities in KrisonAV CMS

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in KrisonAV CMS, which can be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-Site Scripting XSS vulnerability in KrisonAV CMS: CVE-2013-2712 The vulnerability exists due to...