21 matches found
EUVD-2007-2085
Malware in sbrugna...
TuMusika Evolution 1.6 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23452/info TuMusika Evolution is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code i...
CVE-2007-6221
TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Information disclosure
TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-6221
The vulnerability CVE-2007-6221 affects TuMusika Evolution 1.7R5. A direct request to phpinfo.php calls phpinfo, enabling remote attackers to disclose configuration information. No remediation details are provided in the connected documents. The exact root cause is exposure of PHP configuration d...
CVE-2007-6221
TuMusika Evolution 1.7R5 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-6188
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...
Directory traversal
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...
CVE-2007-6188
TuMusika Evolution 1.7R5 is affected by multiple directory traversal flaws enabling remote attackers to include/execute arbitrary local files via ".." in language parameters (languages_n.php, languages_f.php, languages.php in inc/) and to read local files via ".." in the uri parameter to frames/n...
CVE-2007-6188
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...
TuMusika Evolution 1.7R5 - Remote File Disclosure
TuMusika Evolution 1.7R5 - Remote File Disclosure TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability Script : http://sourceforge.net/project/platformdownload.php?groupid=186000 /frames/nogui/scdownload.php Exploit:...
TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability
No description provided by source. TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability Script : http://sourceforge.net/project/platformdownload.php?groupid=186000 /frames/nogui/scdownload.php ? $file = $GET'uri' ;---xxx $title = $GET'title' ; header'HTTP/1.1 200 OK';...
TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ============================================================= TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability ============================================================= TuMusika Evolution 1.7R5 Remote File Disclosure...
TuMusika Evolution 1.7R5 - Remote File Disclosure
TuMusika Evolution 1.7R5 Remote File Disclosure Vulnerability Script : http://sourceforge.net/project/platformdownload.php?groupid=186000 /frames/nogui/scdownload.php Exploit: /Evolution1.7/frames/nogui/scdownload.php?uri=../../../../../../etc/passwd TuMusika Evolution 1.7R5 Local File Inclusion...
CVE-2007-2090
Cross-site scripting XSS vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-2090
Cross-site scripting XSS vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter...
CVE-2007-2090
CVE-2007-2090 is a Cross-site scripting (XSS) vulnerability in TuMusika Evolution 1.6, fixed by abusing index.php via the msg parameter to inject arbitrary script/HTML. The vulnerability’s CVSS v2 base score is 6.8 (Medium) with partial impact on confidentiality, integrity, and availability, and ...
TuMusika Evolution 1.6 Cross Site Scripting Vulnerabilitiy
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...
TuMusika Evolution 1.6 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/23452/info TuMusika Evolution is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting...
tumushika-xss.txt
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...