Secunia Security Advisory - Some vulnerabilities have been reported in cpCommerce, which can be exploited by malicious people to conduct cross-site scripting attacks.
2e01dab4166ddd6f8427c93cca968e7025cff77bef5a6824a6f393b72250802bsqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL SELECT statement, read specific files on the file system and much more.
d6b7e45015e2226774d298a56d321bed91d79bc32fb419ae257be2f1063f03ebrGallery version 1.09 remote blind SQL injection exploit.
87dbbe0f935c4ace1a011a85735384150ce3e0952de48f41bbdaa86b49f11927Wysi Wiki Wyg version 1.0 suffers from local file inclusion, cross site scripting, and phpinfo disclosure vulnerabilities.
013c42d3ee825198749b805710b7e8c0d7083031f736ae79f699b1ee969d1f08PassWiki versions 0.9.17 and below suffer from a local file inclusion vulnerability. This is a five month old vulnerability that remains unpatched as new versions come out. Consumer beware!
8c02bbaa5018efa02295c143cae09f3f5d92e2b4db38cc33d72126868b1316d4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed