59 matches found
CVE-2008-7029
The CVE-2008-7029 entry concerns an unrestricted file upload in AlilG Application AliBoard Beta, specifically in usercp.php. A remote authenticated user could upload a file with an executable extension as an avatar via uploads/avatars/ and access it directly to execute arbitrary code. The vulnera...
saba-xss.txt
Saba 2.0 Cross Site Scripting JS Injection. http://Aria-Security.com. Saba 2.0 is a Persian Forum Script. Dork: Powered by Saba 2.0. Vulnerable file: usercp.php. usercp.php?username=YourUserName The above script can be inserted as Locatio...
CVE-2008-3191
Multiple SQL injection vulnerabilities in usercp.php in mForum 0.1a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) City, (2) Interest, (3) Email, (4) Icq, (5) msn, or (6) Yahoo Messenger field in an edit_profile action...
CVE-2008-3191
CVE-2008-3191 affects mForum 0.1a. Multiple SQL injection vulnerabilities exist in usercp.php when magic_quotes_gpc is disabled, allowing remote attackers to inject arbitrary SQL via the edit_profile fields (City, Interest, Email, Icq, msn, Yahoo Messenger). The root cause is improper handling of...
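mForum 'usercp.php' SQL Injection Vulnerability
BUGTRAQ ID: 30214. CNCAN ID: CNCAN-2008071504. mForum is a PHP-based web application. mForum does not properly handle user-supplied input; remote attackers can exploit the vulnerability to perform SQL injection attacks and may obtain sensitive information or manipulate the database. The issue arises because the 'usercp.php' script does not filter user-supplied web parameters; a malicious SQL query constructed as parameter data can change the original SQL logic, obtaining sensitive information or manipulating the database. Affected: mForum 0.1a. No solution is currently available: http://sourceforge.net/projects/marcioforum/...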
CVE-2008-0371
Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) the mohit parameter to (a) inc/receivertwo.php; and allow remote attackers to execute arbitrary SQL commands via (2) the id parameter to...
Sql injection
Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) the mohit parameter to (a) inc/receivertwo.php; and allow remote attackers to execute arbitrary SQL commands via (2) the id parameter to...
CVE-2007-5985
Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles.php, or (3) recover.php; or (4) the "to" parameter to usercp.php...
Promise NAS NS4300N GUI bug
List, There is a bug in the Promise NAS NS4300N web GUI firmware version 1.1.0.5 which allows an authenticated admin user to change the password of the 'root' account. The user management portion of the web interface allows the admin user to change user's passwords. The PHP script that handles th...
EUVD-2007-1546
Unrestricted file upload vulnerability in usercp.php in MetaForum 0.513 Beta restricts file types based on the MIME type in the Content-type HTTP header, which allows remote attackers to upload and execute arbitrary scripts via an image MIME type with a filename containing an executable extension...
MetaForum <= 0.513 Beta Remote File Upload Exploit
Exploit for unknown platform in category web applications: MetaForum <= 0.513 Beta Remote File Upload Exploit...
Innovate Portal <= 2.0 (acp.php) Remote Code Execution Exploit
No description provided by source.
Innovate Portal 2.0 - 'acp.php' Remote Code Execution
DEVIL TEAM IRC: 72.20.18.6:6667 devilteam. Contact: [email protected] or http://www.rahim.webd.pl/ cod3d by Kacper. Greetings DragonHeart and all DEVIL TEAM Patriots: Leito & Leon TomZen, Gelo, Ramzes, DMX,...
[KAPDA::#53] MYBB XSS and Dir Traversal in usercp.php
Vulnerable products: MYBB 1.x. Vendor: http://www.mybboard.net. Risk: Low. Vulnerabilities: MYBB XSS and Dir Traversal in usercp.php. Date: Found: Feb 22 2006; Vendor Contacted: N/A; Release Date: N/A. About: MyBB is a powerful, efficient and free forum...
CVE-2006-3954
Directory traversal vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to read arbitrary files via a .. (dot dot) in the gallery parameter in a (1) avatar or (2) do_avatar action...
CVE-2006-3953
Cross-site scripting (XSS) vulnerability in usercp.php in MyBB (aka MyBulletinBoard) 1.x allows remote attackers to inject arbitrary web script or HTML via the gallery parameter...
CVE-2006-3953
CVE-2006-3953 is a cross-site scripting (XSS) vulnerability in MyBB (MyBulletinBoard) 1.x, exposed via the gallery parameter of the file usercp.php. The issue allows remote attackers to inject arbitrary web script or HTML, with the vulnerability rooted in improper handling of input. The NVD lists...