EUVD-2009-1509

Malware in sbrugna...

EUVD-2009-1505

Malware in sbrugna...

Discuz! X 跨站脚本漏洞

Discuz! X is a forum platform. A cross-site scripting vulnerability exists in version 3.4-20200818 and prior versions of Discuz! X. The vulnerability stems from the fact that incorrect manipulation of the uchidden parameter can lead to cross-site scripting...

X-Forum 0.6.2 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl Web App: X-Forum 0.6.2 Link : http://freefr.dl.sourceforge.net/sourceforge/x-forum/xforum-0.6.2.tar.gz Bug : Auth Bypass via Cookie Handling : There are also other SQL Injections Remote Command Execution Exploit Credits to Giovanni Buzzin, Osirys...

CVE-2009-1512

Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php...

Code injection

Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php...

CVE-2009-1512

CVE-2009-1512 - Affected: X-Forum 0.6.2. Description: static code injection vulnerability where remote authenticated administrators can inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php. Impact: enables code execution under the attacker’s PHP context as auth...

CVE-2009-1512

Static code injection vulnerability in X-Forum 0.6.2 allows remote authenticated administrators to inject arbitrary PHP code into Config.php via the adminEMail parameter to SaveConfig.php...

Sql injection

SQL injection vulnerability in the xforumvalidateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookieusername parameter to Configure.php...

CVE-2009-1508

CVE-2009-1508 affects X-Forum 0.6.2. The vulnerability is an SQL injection in the function xforum_validateUser in Common.php , allowing remote attackers to execute arbitrary SQL commands via the cookie_username parameter to Configure.php. The NVD entry and related records confirm the issue and im...

CVE-2009-1508

SQL injection vulnerability in the xforumvalidateUser function in Common.php in X-Forum 0.6.2 allows remote attackers to execute arbitrary SQL commands, as demonstrated via the cookieusername parameter to Configure.php...

X-Forum 0.6.2 Authentication Bypass

!/usr/bin/perl Web App: X-Forum 0.6.2 Link : http://freefr.dl.sourceforge.net/sourceforge/x-forum/xforum-0.6.2.tar.gz Bug : Auth Bypass via Cookie Handling : There are also other SQL Injections Remote Command Execution Exploit Credits to Giovanni Buzzin, "Osirys" Mail osirysatautisticidotorg It...

X-Forum 0.6.2 - Remote Command Execution

X-Forum 0.6.2 - Remote Command Execution !/usr/bin/perl Web App: X-Forum 0.6.2 Link : http://freefr.dl.sourceforge.net/sourceforge/x-forum/xforum-0.6.2.tar.gz Bug : Auth Bypass via Cookie Handling : There are also other SQL Injections Remote Command Execution Exploit Credits to Giovanni Buzzin,...

X-Forum 0.6.2 - Remote Command Execution

!/usr/bin/perl Web App: X-Forum 0.6.2 Link : http://freefr.dl.sourceforge.net/sourceforge/x-forum/xforum-0.6.2.tar.gz Bug : Auth Bypass via Cookie Handling : There are also other SQL Injections Remote Command Execution Exploit Credits to Giovanni Buzzin, "Osirys" Mail osirysatautisticidotorg It...

X-Forum 0.6.2 Remote Command Execution Exploit

Exploit for unknown platform in category web applications ============================================== X-Forum 0.6.2 Remote Command Execution Exploit ============================================== !/usr/bin/perl Web App: X-Forum 0.6.2 Link :...