exploit the possibilities
Showing 76 - 100 of 100 RSS Feed

Files

TorrentTrader 2.08 XSS / Directory Traversal / Bypass
Posted Sep 17, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

TorrentTrader version 2.08 suffers from authorization bypass, cross site scripting, path disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 80f944bda396bc57c5a55368cbeda7aa

Related Files

waraxe-2004-SA029.txt
Posted May 18, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke versions 6.x to 7.3 allow for possible file inclusion.

tags | advisory, php, file inclusion
MD5 | 0103012506b8246cda5c7092c61fec41
waraxe-2004-SA028.txt
Posted May 9, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The Nuke jokes module for PHPNuke is susceptible to path disclosure, cross site scripting, and SQL injection attacks.

tags | exploit, xss, sql injection
MD5 | d66d60d7836ef40f78ee42673d0e47b9
waraxe-2004-SA027.txt
Posted May 7, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke version 6.x through 7.2 suffer from various SQL injection and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, sql injection
MD5 | e6e2537ec2fd1485641bcb0bfc844659
waraxe-2004-SA026.txt
Posted May 4, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.

tags | advisory, remote, arbitrary, vulnerability, xss
MD5 | cd1d70aec83d6377a9d7c484457221d2
waraxe-2004-SA024.txt
Posted Apr 28, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Network Query Tool version 1.6 suffers from a cross site scripting and full path disclosure vulnerability.

tags | advisory, xss
MD5 | d1445060688487a6f6a63d4c18dc813c
waraxe-2004-SA022.txt
Posted Apr 22, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PostNuke 0.726 Phoenix is susceptible to multiple path disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 26c15fd38d1d3b31e7aacd5170f5c586
waraxe-2004-SA021.txt
Posted Apr 22, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

The phprofession 2.5 module for PostNuke is susceptible to path disclose, cross site scripting, and possible SQL injection attacks.

tags | exploit, xss, sql injection
MD5 | 60a7eb530f31c704d7281ef37d66a91a
waraxe-2004-SA019.txt
Posted Apr 18, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

A critical SQL injection bug exists in Phorum version 3.4.7 that allows a remote attacker to view sensitive data. The problem code lies in userlogin.php.

tags | advisory, remote, php, sql injection
MD5 | 4ae882ee3f72e33204497934edc88d09
waraxe-2004-SA016.txt
Posted Apr 15, 2004
Authored by Janek Vind aka waraxe

Cross site scripting bugs exist in PHP-Nuke versions 6.x through 7.2.

tags | advisory, php, xss
MD5 | 7abc089958e4651935025d4b9f18185b
waraxe-2004-SA018.txt
Posted Apr 12, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.2 have a flaw that allows for administrator level authentication bypass.

tags | advisory, php
MD5 | c8bd8bb15ea321ee604706efb6b6a8e9
waraxe-2004-SA017.txt
Posted Apr 12, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.2 have a flaw that allows for user level authentication bypass.

tags | advisory, php
MD5 | 91ab67f7fd06c5c673fbd927a8784c64
waraxe-2004-SA015.txt
Posted Apr 8, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

NukeCalendar version 1.1.a, the PHP-Nuke Calendar Module, suffers from SQL injection, cross site scripting, and full path disclosure flaws.

tags | exploit, php, xss, sql injection
MD5 | 347eabc0fa516ae07eb0e9868b897d7c
waraxe-2004-SA014.txt
Posted Apr 8, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

AzDGDatingLite version 2.1.1 is susceptible to cross site scripting attacks.

tags | advisory, xss
MD5 | bd97228c20b33ab049b77211500e8e10
waraxe-2004-SA013.txt
Posted Mar 27, 2004
Authored by Janek Vind aka waraxe

A SQL injection vulnerability in PHPBB versions 2.0.8 and below allows an attacker the ability to extract the administrator password hash.

tags | exploit, sql injection
MD5 | c316b4db1e73a0dca9df33134cbd779e
waraxe-2004-SA012.txt
Posted Mar 27, 2004
Authored by Janek Vind aka waraxe

Multiple SQL injection and cross site scripting vulnerabilities lie in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta. Full exploitation syntax given.

tags | exploit, vulnerability, xss, sql injection
MD5 | 9d1f6f6943811ac0c1887925ea3d441c
waraxe-2004-SA008.txt
Posted Mar 23, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.1.0 allow for link inclusions that can force an administrator to unknowingly add a superuser.

tags | advisory, php
MD5 | 16ed4cb0b4664693cee520faf21ab541
waraxe-2004-SA011.txt
Posted Mar 23, 2004
Authored by Janek Vind aka waraxe

MS Analysis module version 2.0 for PHP-Nuke has full path disclosure, cross site scripting, and SQL injection vulnerabilities.

tags | advisory, php, vulnerability, xss, sql injection
MD5 | 7bd49123ef6d14a8d1036985619167ff
waraxe-2004-SA010.txt
Posted Mar 18, 2004
Authored by Janek Vind aka waraxe

Multiple vulnerabilities exist in the Error Manager version 2.1 for PhpNuke 6.0. One of them allows for script injection in error logs, forcing an administrator to execute code when viewing the logs.

tags | exploit, vulnerability
MD5 | c5211d7706772572c3d0aa67c167526f
waraxe-2004-SA007.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

Both cross site scripting and SQL injection vulnerabilities exist in the 4nGuestbook version 0.92 module for PHP-Nuke versions 6.5 through 6.9.

tags | exploit, php, vulnerability, xss, sql injection
MD5 | becce8a2081f9a11e8233b6d1b356fc1
waraxe-2004-SA006.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

The 4nalbum module for PHP-Nuke versions 6.5 to 7.0 suffers from path disclosure, cross site scripting, remote file inclusion, and SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection, file inclusion
MD5 | 369a410f953e7fff7195f32b0c5adfd7
waraxe-2004-SA005.txt
Posted Mar 17, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke 7.1.0 is susceptibel to multiple cross site scripting attacks.

tags | exploit, php, xss
MD5 | 5b9ef9a1588d59a6e090331c3ad524ba
waraxe-2004-SA004.txt
Posted Feb 24, 2004
Authored by Janek Vind aka waraxe

Extreme Messageboard aka XMB version 1.8 Partagium Final SP2 is vulnerable to multiple SQL injection and cross site scripting attacks.

tags | exploit, xss, sql injection
MD5 | 5381c5e782a35b2bee530ecab38cd3d0
waraxe-2004-SA003.txt
Posted Feb 9, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.1.0 are susceptible to SQL injection attacks.

tags | advisory, php, sql injection
MD5 | ad9f77125c5096f3d0585a34e45b6ac4
waraxe-2004-SA002.txt
Posted Feb 9, 2004
Authored by Janek Vind aka waraxe

A cross site scripting vulnerability exists in PHP-Nuke 7.1.0.

tags | advisory, php, xss
MD5 | 46a324bf1a709174db6f8b7e6e96c47e
waraxe-2004-SA001.txt
Posted Feb 3, 2004
Authored by Janek Vind aka waraxe

GBook for Php-Nuke version 1.0 fails to sanity check user input allowing for script injection and cookie theft.

tags | advisory, php
MD5 | a1641d12750185e939e6b0ac15679261
Page 4 of 4
Back1234Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    10 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close