18 matches found
CVE-2019-11078
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...
EUVD-2009-0879
Malware in sbrugna...
Cross site request forgery (csrf)
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...
CVE-2019-11078
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...
CVE-2019-11078
MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...
深澜软件漏洞SrunDisk注入漏洞三
简要描述: RT 详细说明: 文件:\userinfo.php includeonce"kernel/eidolon.class.php"; $eidolon=new Eidolon"templets/userinfo.html"; includeonce"kernel/member.class.php"; $member=new Member; if$res=$member-searchByName$GET"username",0,"" foreach$res as $v extract$v,EXTROVERWRITE; $eidolon-parseBlock"main";...
Claroline e-Learning <= 1.6 - Remote Hash SQL Injection Exploit
No description provided by source. ?php T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m Vulnerable: Claroline E-Learning Application Exploit By : MHp0rtal Discovered By: Sieg Fried Gr33tz To == Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams :...
nForum 1.5 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Salvatore drosophila Fresta + Application: nForum + Version: 1.5 + Website: http://sourceforge.net/projects/nforum/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore drosophila Fresta + Author: Salvatore...
phpplanner - Cross-Site Scripting / SQL Injection
================================== phpplanner XSS / SQL Vulnerability ================================== Script: php planner Date: 12-06-2010 Author: anT!-Tr0J4n My Home : www.Dev-PoinT.com Software Link:http://phpplanner.sourceforge.net/ Tested on: Win7/Linux DorK :...
Sql injection
Multiple SQL injection vulnerabilities in nForum 1.5 allow remote attackers to execute arbitrary SQL commands via the 1 id parameter to showtheme.php and the 2 user parameter to userinfo.php...
nForum 1.5 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Salvatore "drosophila" Fresta + Application: nForum + Version: 1.5 + Website: http://sourceforge.net/projects/nforum/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...
nForum 1.5 - Multiple SQL Injections
nForum 1.5 - Multiple SQL Injections Salvatore "drosophila" Fresta + Application: nForum + Version: 1.5 + Website: http://sourceforge.net/projects/nforum/ + Bugs: A Multiple SQL Injection + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...
nForum 1.5 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ======================================================== nForum 1.5 Multiple Remote SQL Injection Vulnerabilities ======================================================== Salvatore "drosophila" Fresta + Application: nForum + Version: 1.5 +...
Unfixed XSS vulnerability at www.missinternet.lt
Security researcher F3nix, has submitted on 03/03/2008 a cross-site-scripting XSS vulnerability affecting www.missinternet.lt, which at the time of submission ranked 330299 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2008. It is...
CVE-2007-2084
CVE-2007-2084 affects MobilePublisherphp version 1.1.2 and is described as a PHP remote file inclusion vulnerability in the admin directory. The issue permits an attacker to supply a URL in the auth_method parameter to any of the admin PHP files (index.php, list.php, postreview.php, reindex.php, ...
Claroline E-Learning 1.6 - Remote Hash SQL Injection (1)
Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams : IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team , Crouz Security Team & Simorgh-ev Security Team Config : please replace your address : $url = "http:///www.example.com"; Please replace yo...
Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections
Claroline E-Learning 1.51.6 - userInfo.php Multiple SQL Injections source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...
Xoops SQL fragment disclosure and SQL injection vulnerability
-- Xoops SQL fragment disclose and SQL injection vulnerability -- Discovered on 27/01/2002 Vendor: http://xoops.sourceforge.net -- Overview -- XOOPS is an open source portal script written extensively in object-oriented PHP. Backed with MySQL Database. There is 2 security issues : - Xoops disclos...