143 matches found
CVE-2007-0372
Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 7.9 allow remote attackers to execute arbitrary SQL commands via 1 the active parameter in admin/modules/modules.php; the 2 adclass, 3 imageurl, 4 clickurl, 5 adcode, or 6 position parameter in modules/Advertising/admin/index.php;...
mxBB Module WebLinks <= 2.05 Remote Inclusion Vulnerability
No description provided by source. Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce $mxrootpath...
mxBB Module WebLinks <= 2.05(mx_root_path) Remote File Include Vulnerability
Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce $mxrootpath...
mxBB Module WebLinks 2.05 - Remote File Inclusion
mxBB Module WebLinks 2.05 - Remote File Inclusion Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce...
mxBB Module WebLinks <= 2.05 Remote Inclusion Vulnerability
Exploit for unknown platform in category web applications =========================================================== mxBB Module WebLinks = 2.05 Remote Inclusion Vulnerability =========================================================== Title : mxBB Module WebLinks = 2.05mxrootpath Remote File...
mxBB Module WebLinks 2.05 - Remote File Inclusion
Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce $mxrootpath...
CVE-2006-4969
Multiple PHP remote file inclusion vulnerabilities in WAHM E-Commerce Pie Cart Pro allow remote attackers to execute arbitrary PHP code via a URL in the IncDir parameter in 1 affiliates.php, 2 orders.php, 3 events.php, 4 index.php, 5 articles.php, 6 faqs.php, 7 guestbook.php, 8 catalog.php, 9...
Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities
No description provided by source. ==================================================================== Pie Cart Pro = IncDir Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By SnIpErSA http://www.doodlebabies.com/...
Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ========================================================== Pie Cart Pro IncDir Remote File Include Vulnerabilities ==========================================================...
Pie Cart Pro - 'Inc_Dir' Remote File Inclusion
==================================================================== Pie Cart Pro = IncDir Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By SnIpErSA http://www.doodlebabies.com/...
CVE-2006-3481
Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the 1 "Remember Me" function, 2 "Related Items" module, and the 3 "Weblinks submission"...
CVE-2006-3481
Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the 1 "Remember Me" function, 2 "Related Items" module, and the 3 "Weblinks submission"...
CVE-2006-3262
SQL injection vulnerability in the Weblinks module weblinks.php in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter...
CVE-2006-3263
SQL injection vulnerability in the Weblinks module weblinks.php in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2006-3262
The CVE-2006-3262 entry describes an SQL injection in the Weblinks module (weblinks.php) of Mambo 4.6rc1 and earlier. The vulnerability allows remote attackers to execute arbitrary SQL commands via the title parameter. Affected: Mambo 4.6rc1 and earlier (Weblinks component). Root cause: lack of i...
CVE-2006-3263
SQL injection vulnerability in the Weblinks module weblinks.php in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2006-3262
SQL injection vulnerability in the Weblinks module weblinks.php in Mambo 4.6rc1 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter...
CVE-2006-3263
The CVE-2006-3263 issue is a SQL injection in the Weblinks module (weblinks.php) of Mambo 4.6rc1 and earlier. The root cause is unsanitized input through the catid parameter, enabling remote attackers to execute arbitrary SQL commands. Affected product: Mambo Weblinks component; affected version ...
mambo_46rc1_sql.txt
!/usr/bin/php -q -d shortopentag=on mysqld --log=mambo.txt now login, go to "Submit Weblink" feature, in "Name: " field type: 99999' UNION SELECT IF ASCIISUBSTRINGpassword,1,1=0 & 1, benchmark200000000,CHAR0,0 FROM mosusers WHERE usertype='Super Administrator'/ in mambo.txt we have: 13 Query SELE...
Joomla -- multiple vulnerabilities
Joomla Site reports: Secured "Remember Me" functionality against SQL injection attacks Secured "Related Items" module against SQL injection attacks Secured "Weblinks" submission against SQL injection attacks Secured SEF from XSS vulnerability Hardened frontend submission forms against spoofing...