Lucene search
+L

132 matches found

Exploit DB
Exploit DB
added 2008/04/28 12:0 a.m.56 views

Softbiz Web Host Directory Script - 'host_id' SQL Injection

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV89$2008 ----------------------------------------------------------------------------------------- ECHOADV89$2008 Softbiz Web Host Directory Script searchresult.php hostid Blind Sql Injection Vulnerability...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2007/02/08 12:0 a.m.19 views

whm-rfi.txt

name : web host manager vendor : cpanel.net by : s3rv3rhack3r ali at hackerz dot ir web-site : www.hackerz.ir - ali.hackerz.ir exploit: http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/02/08 12:0 a.m.57 views

remote file include in whm (all version)

name : web host manager vendor : cpanel.net by : s3rv3rhack3r ali at hackerz dot ir web-site : www.hackerz.ir - ali.hackerz.ir exploit: http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?...

1.6AI score
Exploits0
NVD
NVD
added 2006/12/29 11:28 a.m.14 views

CVE-2006-6818

AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin password via a direct request to admin/config...

7.5CVSS7.1AI score0.01511EPSS
Exploits0References3
NVD
NVD
added 2006/12/29 11:28 a.m.17 views

CVE-2006-6817

AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617...

5CVSS6AI score0.01076EPSS
Exploits0References1
NVD
NVD
added 2006/12/29 11:28 a.m.15 views

CVE-2006-6819

AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db...

6.4CVSS6.3AI score0.01816EPSS
Exploits0References2
CVE
CVE
added 2006/12/29 11:0 a.m.47 views

CVE-2006-6817

The CVE-2006-6817 issue affects AlstraSoft Web Host Directory (also listed as HyperStop WebHost Directory 1.2). Affected component: login/URI handling that, when an invalid URI is requested, exposes the installation path in the error message, enabling a remote attacker to obtain sensitive informa...

5CVSS6.1AI score0.01076EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2006/12/29 11:0 a.m.20 views

CVE-2006-6818

AlstraSoft Web Host Directory allows remote attackers to bypass authentication and change the admin password via a direct request to admin/config...

7.1AI score0.01511EPSS
Exploits0References3
Cvelist
Cvelist
added 2006/12/29 11:0 a.m.18 views

CVE-2006-6819

AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db...

6.3AI score0.01816EPSS
Exploits0References2
Cvelist
Cvelist
added 2006/12/29 11:0 a.m.25 views

CVE-2006-6817

AlstraSoft Web Host Directory allows remote attackers to obtain sensitive information by requesting any invalid URI, which reveals the path in an error message, a different vulnerability than CVE-2006-2617...

6AI score0.01076EPSS
Exploits0References1
CVE
CVE
added 2006/12/29 11:0 a.m.54 views

CVE-2006-6819

CVE-2006-6819 concerns AlstraSoft Web Host Directory, where sensitive information is stored under the web root due to insufficient access control. The vulnerability allows remote attackers to download a backup database by issuing a direct request to admin/backup/db. The public records indicate th...

6.4CVSS6.7AI score0.01816EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2006/12/29 11:0 a.m.47 views

CVE-2006-6818

CVE-2006-6818 affects AlstraSoft Web Host Directory. The vulnerability allows remote attackers to bypass authentication and change the admin password via a direct request to /admin/config. CVSS v2 base score 7.5 (HIGH) with network attack vector and no authentication required; impact includes par...

7.5CVSS7.5AI score0.01511EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2006/05/26 1:6 a.m.12 views

CVE-2006-2616

SQL injection vulnerability in the search script in 1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, allows remote attackers to execute arbitrary SQL commands via the uri parameter...

7.5CVSS8.3AI score0.01413EPSS
Exploits0References8
Prion
Prion
added 2006/05/26 1:6 a.m.13 views

Sql injection

1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, allows remote attackers to obtain the installation path via an invalid entry in the Username field on the login page, which causes the path to be displayed in an SQL error. NOTE: this issue might be resultant from SQL...

5CVSS7.9AI score0.01654EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2006/05/26 1:6 a.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in 1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, might allow remote attackers to inject arbitrary web script or HTML via the "write a review" box. NOTE: since user reviews do not require administrator privileges, and an...

4.3CVSS6.1AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/05/26 1:0 a.m.42 views

CVE-2006-2618

The CVE-2006-2618 entry describes a cross-site scripting (XSS) vulnerability in AlstraSoft Web Host Directory 1.2 and HyperStop WebHost Directory 1.2, exploitable via the "+write a review" box. The flaw allows remote attackers to inject arbitrary web script or HTML, with the issue arising because...

4.3CVSS5.6AI score0.0118EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2006/05/26 1:0 a.m.56 views

CVE-2006-2617

Affected products: AlstraSoft Web Host Directory 1.2 (aka HyperStop WebHost Directory 1.2). Root cause: an invalid entry in the Username field on the login page can produce an SQL error that reveals the installation path, potentially due to SQL injection. Impact: partial disclosure of installatio...

5CVSS7.5AI score0.01654EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2006/05/26 1:0 a.m.19 views

CVE-2006-2618

Cross-site scripting XSS vulnerability in 1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, might allow remote attackers to inject arbitrary web script or HTML via the "write a review" box. NOTE: since user reviews do not require administrator privileges, and an...

5.6AI score0.0118EPSS
Exploits0References5
Cvelist
Cvelist
added 2006/05/26 1:0 a.m.19 views

CVE-2006-2616

SQL injection vulnerability in the search script in 1 AlstraSoft Web Host Directory 1.2, aka 2 HyperStop WebHost Directory 1.2, allows remote attackers to execute arbitrary SQL commands via the uri parameter...

8.3AI score0.01413EPSS
Exploits0References8
CVE
CVE
added 2006/05/26 1:0 a.m.46 views

CVE-2006-2616

The CVE-2006-2616 entry describes an SQL injection in the search script of AlstraSoft Web Host Directory 1.2 (also listed as HyperStop WebHost Directory 1.2). The vulnerability allows remote attackers to execute arbitrary SQL commands via the uri parameter, enabling potential data exposure or mod...

7.5CVSS8.3AI score0.01413EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder