19 matches found
Membership Management System 1.1 SQL Injection
Title : Membership Management System 1.1 Auth By Pass Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0.0 64...
CVE-2024-23258
An out-of-bounds read was addressed with improved input validation. This issue is fixed in visionOS 1.1, macOS Sonoma 14.4. Processing an image may lead to arbitrary code execution...
Client Management System 1.1 Cross Site Scripting
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...
Client Management System 1.1 - 'cname' Stored Cross-site scripting (XSS)
Exploit Title: Client Management System 1.1 - 'cname' Stored Cross-site scripting XSS Date: 2021-08-04 Exploit Author: Mohammad Koochaki Vendor Homepage: https://phpgurukul.com/client-management-system-using-php-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=10841...
Client Management System 1.1 - 'username' Stored Cross-Site Scripting (XSS)
Exploit Title: Client Management System 1.1 - 'username' Stored Cross-Site Scripting XSS Date: 14 June 2021 Exploit Author: BHAVESH KAUL Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/client-management-system-using-php-mysql/ Version: 1.1 Tested on: Server: XAMPP...
CVE-2012-3791
Multiple SQL injection vulnerabilities in Simple Web Content Management System 1.1 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) item_delete.php, (2) item_status.php, (3) item_detail.php, (4) item_modify.php, or (5) item_position.php in admin/; or (6) status parameter to...
CVE-2012-3791
CVE-2012-3791 affects Simple Web Content Management System 1.1. The vulnerability is a set of SQL injection flaws exploitable via the id parameter to admin/item_delete.php, admin/item_status.php, admin/item_detail.php, admin/item_modify.php, admin/item_position.php, and the status parameter to ad...
CVE-2008-6111
The CVE-2008-6111 entry concerns a SQL injection in NetArt Media Vlog System 1.1, exploitable via the note parameter in blog.php. Affected component: blog.php within NetArt Media Vlog System 1.1. Root cause: unsanitized input leading to arbitrary SQL execution. Impact per NVD: partial confidentia...
Vlog System 1.1 - SQL Injection
Viva IslaM Viva IslaM Remote SQL injection Vulnerability Vlog System V1.1 blog.php user AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM && WwW.AtsDp.CoM/f Email : [email protected] SYRIAN Arab HACkErS -: Exploite :-...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in local Calendar System 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) TEMPLATEDIR parameter to (a) showinvoices.php, (b) showmonth.php, (c) showevents.php, (d) retrieveinvoice.php, (e) modifyitem.php, and (f) lookupuserid.php; ...
CVE-2006-5426
PHP remote file inclusion vulnerability in lib/lcUser.php in LoCal Calendar System 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the LIBDIR parameter...
CVE-2006-5426
CVE-2006-5426 affects LoCal Calendar System 1.1. A vulnerability in the file lib/lcUser.php allows remote attackers to execute arbitrary PHP code via a URL supplied to the LIBDIR parameter, due to a remote file inclusion vulnerability. The CVE entry indicates this is a PHP RFI with potential impa...
CilemNews System 1.1 - yazdir.asp haber_id SQL Injection
CilemNews System 1.1 - yazdir.asp haberid SQL Injection !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: cilem.pl Original Advisory: http://www.nukedx.com/?viewdoc=10 googledork inurl:yazdir.asp?haberid= 2.140...
CVE-2005-4032
CVE-2005-4032 describes a cross-site scripting (XSS) vulnerability in search.cgi of Easy Search System 1.1 and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML through the q parameter. The available connected documents confirm the existence of the vulnerability and...
Survey System 1.1 SQL inj. vuln.
Survey System 1.1 SQL inj. vuln. Vuln. discovered by: r0t Date: 29 nov. 2005 original advisory: http://pridels.blogspot.com/2005/11/survey-system-11-sql-inj-vuln.html Vendor: http://ilyav.net/?q=node/22 affected version: 1.1 and prior Product Description: This extremely detailed Survey application ha...
CVE-2002-1808
CVE-2002-1808 describes a cross-site scripting (XSS) flaw in Meunity Community System 1.1. The vulnerability allows remote attackers to inject arbitrary web script or HTML by placing Javascript in an IMG tag during topic creation. The root cause, as stated, is insufficient input sanitization of ...
CVE-2005-1786
Summary (CVE-2005-1786): FunkyASP AD System 1.1 is affected by an SQL injection in the admin.asp file, exploitable via the password parameter to execute arbitrary SQL and gain privileges. The vulnerability is described across multiple records (CVE/NT NVD entries and PT-2005-2754). The exploitatio...
CVE-2005-1786
SQL injection vulnerability in admin.asp in FunkyASP AD System 1.1 allows remote attackers to execute arbitrary SQL commands and gain privileges via the password parameter...
PT-2005-2754 · Funkyasp · Funkyasp Ad System
Name of the Vulnerable Software and Affected Versions: FunkyASP AD System version 1.1 Description: The issue allows remote attackers to execute arbitrary SQL commands and gain privileges. This is achieved via the password parameter in the admin.asp file. Recommendations: For FunkyASP AD System...