40 matches found
CVE-2008-6950
CVE-2008-6950 describes multiple SQL injection vulnerabilities in the login.asp of Bankoi WebHosting Control Panel 1.20. The issues allow remote attackers to inject SQL via the (1) username or (2) password fields, potentially leading to arbitrary SQL execution. Affected component is the login han...
kloxo 5.75 - Multiple Vulnerabilities
kloxo 5.75 - Multiple Vulnerabilities Who : http://lxlabs.com What : kloxo "Kloxo Previously Lxadmin The most flexible software on this planet. From Kloxo HostInaBox, World's lightest and the most efficient webhosting platform, to Kloxo Enterprise, which can manage 100s of thousands of domains on...
kloxo 5.75 - Multiple Vulnerabilities
Who : http://lxlabs.com What : kloxo "Kloxo Previously Lxadmin The most flexible software on this planet. From Kloxo HostInaBox, World's lightest and the most efficient webhosting platform, to Kloxo Enterprise, which can manage 100s of thousands of domains on hundreds of servers. Kloxo is a fully...
CVE-2008-6653
SQL injection vulnerability in webhosting.php in the Webhosting Component comwebhosting module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php...
Sql injection
SQL injection vulnerability in webhosting.php in the Webhosting Component comwebhosting module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php...
CVE-2008-6653
SQL injection vulnerability in webhosting.php in the Webhosting Component comwebhosting module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php...
TurnkeyForms Web Hosting Directory - Multiple Vulnerabilities
TurnkeyForms Web Hosting Directory - Multiple Vulnerabilities ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
menalto gallery: Session hijacking vulnerability, CVE-2008-3662
menalto gallery: Session hijacking vulnerability, CVE-2008-3662 References https://vulners.com/cve/CVE-2008-3662 http://int21.de/cve/CVE-2008-3662-gallery.html http://gallery.menalto.com/gallery2.2.6released http://enablesecurity.com/2008/08/11/surf-jack-https-will-not-save-you/...
Unfixed XSS vulnerability at www.webhosting.info
Security researcher BizaRRo, has submitted on 18/08/2008 a cross-site-scripting XSS vulnerability affecting www.webhosting.info, which at the time of submission ranked 19264 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 19/06/2009. It is...
Unfixed Redirect vulnerability at ads.webhosting.info
Security researcher SeYMeN, has submitted on 31/05/2008 a Redirect vulnerability affecting ads.webhosting.info, which at the time of submission ranked 34793 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/06/2008. It is currently unfixed. If...
Joomla Component Webhosting (catid) Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl eSploit Framework - Inphex use Digest::MD5 qwmd5 md5hex md5base64; use LWP::UserAgent; use HTTP::Cookies; use Switch; $host = shift; $path = shift; $id = shift; $nonfind = shift; choose anything thats inside the article of id $column = "username";...
Joomla! Component Webhosting - catid Blind SQL Injection
Joomla! Component Webhosting - catid Blind SQL Injection !/usr/bin/perl eSploit Framework - Inphex use Digest::MD5 qwmd5 md5hex md5base64; use LWP::UserAgent; use HTTP::Cookies; use Switch; $host = shift; $path = shift; $id = shift; $nonfind = shift; choose anything thats inside the article of id...
Joomla! Component Webhosting - 'catid' Blind SQL Injection
!/usr/bin/perl eSploit Framework - Inphex use Digest::MD5 qwmd5 md5hex md5base64; use LWP::UserAgent; use HTTP::Cookies; use Switch; $host = shift; $path = shift; $id = shift; $nonfind = shift; choose anything thats inside the article of id $column = "username"; change if needet $table =...
Horde Webmail file inclusion proof of concept & patch.
Horde 3.1.6 arbitrary file inclusion vulnerability, proof of concept & patch. A severe security vulnerability affects any unix distribution running version 3.1.6 of the Horde webmail client included in most popular webhosting control panels. All previous versions are also affected and it is...
phb10-xss.txt
Application: PHP HOSTING BILLER Web Site: http://www.jnshosts.com/phphostingbiller.php Versions: 1.0 Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: No ------------------------------------------------------- 1 Introduction 2 Bug 3 The Code 4 Fix 5 About Serapis...
PHP hosting Biller
Application: PHP HOSTING BILLER Web Site: http://www.jnshosts.com/phphostingbiller.php Versions: 1.0 Platform: linux, windows, freebsd, sun Bug: Cross site Scripting XSS Fix Available: No ------------------------------------------------------- 1 Introduction 2 Bug 3 The Code 4 Fix 5 About Serapis...
Unfixed XSS vulnerability at ihre-webhosting-domain.de
Security researcher KaBuS, has submitted on 05/03/2007 a cross-site-scripting XSS vulnerability affecting ihre-webhosting-domain.de, which at the time of submission ranked 8072937 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 05/03/2007. It i...
[Full-disclosure] WMH AutoPilot: Unauthorized hosting account cancellation request
Title: WMH AutoPilot: Unauthorized hosting account cancellation request Access: Remote Product: WHM AutoPilot http://www.whmautopilot.com Severity: Moderately Low Synopsis: A vulnerability has been identified that allows the unauthorized filing of hosting account cancellation requests. Vulnerable...
compozitSQL.txt
Date: 18:15 05/05/05 Subject: "Compozit Webhosting Panel Administration Vulnerability" Vulnerable version: Compozit 1.0 Description: Compozit is a France Webhosting that use Administration Panel to setup their website online.Have an Control Panel to upload,make a new directory,and modify web page...
PSOFT H-Sphere Cross Site Scripting Vulnerabilities
-------------------- Product: PSOFT H-Sphere Hosting Control Panel Vendor: PSOFT Positive Software Corporation Versions: VULNERABLE - 2.3.x - 2.2.x - 2.1.x - 2.0.x NOT VULNERABLE - ? --------------------- Description: H-Sphere is a scalable multiserver webhosting control panel, which provides...