what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 100

Files

Photo Video Album Transfer 1.0 Local File Inclusion / Shell Upload

Posted Dec 12, 2013

Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Photo Video Album version 1.0 suffers from local file inclusion and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion

SHA-256 | f3876755c36f7ac9243e6f8a55d654c919116bcd7078c7115015dc4c737dd532

Download | Favorite | View

Related Files

phAlbum PHP Gallery Script Cross Site Scripting

Posted May 21, 2012

Authored by Eyup CELIK

phAlbum PHP Gallery Script suffers from a cross site scripting vulnerability.

tags | exploit, php, xss

SHA-256 | 723c6ef6661ac7169ced0e8dd7d0c1a433062a8a9b5a6efd4ad00d031c7e04c4

Download | Favorite | View

AZ Photo Album Script Cross Site Scripting

Posted May 20, 2012

Authored by Eyup CELIK

AZ Photo Album Script suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 67c1f4e7e765e2ef1004814e8c609e03928e2d5b01480f844ec760aa7baca03a

Download | Favorite | View

Secunia Security Advisory 49153

Posted May 16, 2012

Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the GRAND Flash Album Gallery plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss

SHA-256 | a77f72d8f4a087f9be527dbc521bf9a33d690daa4863add41ff2e6016964b40e

Download | Favorite | View

WordPress GRAND Flash Album Gallery 1.71 Cross Site Scripting

Posted May 15, 2012

Authored by Heine Pedersen, Torben Jensen

WordPress GRAND Flash Album Gallery plugin version 1.71 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | f8e3ad655366ed8334d5ad7319016080824fd78ae0389fe892dab384e5401686

Download | Favorite | View

Dalbum 144 Build 174 Cross Site Request Forgery

Posted Mar 30, 2012

Authored by Ahmed Elhady Mohamed

Dalbum version 144 build 174 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 00db7898e4448ebb13cb644498d530d22f039f12896633da126ec0a6476a7296

Download | Favorite | View

Ez Album Blind SQL Injection

Posted Jan 31, 2012

Authored by Red Security TEAM

Ez Album suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 86ab2ada6506babeabdfbd62d8142f04453bcb2e820296718e246a63c0acd478

Download | Favorite | View

WordPress Flash Album Gallery Cross Site Scripting

Posted Nov 30, 2011

Authored by Am!r | Site irist.ir

The WordPress flash-album-gallery plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | c688bb0b8f202c7a6bc310458f0bf58c3de2ea24bb5ddaaaa3c66c574d93f542

Download | Favorite | View

PHP Photo Album 0.4.1.16 Cross Site Scripting / Disclosure

Posted Oct 29, 2011

Authored by BHG Security Center

PHP Photo Album version 0.4.1.16 suffers from cross site scripting and local file disclosure vulnerabilities.

tags | exploit, local, php, vulnerability, xss, info disclosure

SHA-256 | 9eff1e5176c1596c336a40be56eb0e5eb102b38a0edc5861694345c87a39bc1c

Download | Favorite | View

Secunia Security Advisory 46467

Posted Oct 19, 2011

Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the WP Photo Album Plus plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection

SHA-256 | a7f4b3fb5706c63dc7640c1609a7529b3581bb852de12c94248812f29f214298

Download | Favorite | View

WordPress Photo Album Plus 4.1.1 SQL Injection

Posted Oct 15, 2011

Authored by Skraps

WordPress Photo Album Plus versions 4.1.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | bf3ea8918c7de9782e264e2d6b05ec45720b07a5c20144302c4a8eed53b6c5d3

Download | Favorite | View

Lava SQL Injection

Posted Jul 26, 2011

Authored by Ehsan_Hp200

Lava suffers from a remote SQL injection vulnerability in news_item.php, album.php, and basket.php.

tags | exploit, remote, php, sql injection

SHA-256 | ca455bae22c08a2def4b87882405127bfed3a0a4f8e0a66f5d22e734d387e2d1

Download | Favorite | View

WP Photo Album WordPress Plugin 1.5.1 Cross Site Scripting

Posted Apr 28, 2011

Authored by High-Tech Bridge SA | Site htbridge.com

WP Photo Album WordPress plugin version 1.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | a8836eafacba3a9faa51ea0de462b5618a7fb80f46ff27f72fde7b2339bd4e16

Download | Favorite | View

Secunia Security Advisory 44351

Posted Apr 28, 2011

Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in the WP Photo Album plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss

SHA-256 | b312c13692dcd4c27af3fd63da62cf83cbb52e70aaf57182a8a1a8eeda435c19

Download | Favorite | View

Max's PHP Photo Album 2008-04-01 Cross Site Scripting

Posted Apr 26, 2011

Authored by High-Tech Bridge SA | Site htbridge.com

Max's PHP Photo Album version 2008-04-01 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss

SHA-256 | 865f9eeda078f67afc8df04cb115c4931e94a7f03dace5abc17c21b09e53d610

Download | Favorite | View

Secunia Security Advisory 44249

Posted Apr 20, 2011

Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in DAlbum, which can be exploited by malicious people to conduct cross-site request forgery and cross-site scripting attacks.

tags | advisory, vulnerability, xss, csrf

SHA-256 | 7f37a7ec3c14a8a75272a3dfa83d14510e625cd241145e51c09141ff37a29c00

Download | Favorite | View

Dalbum 1.43 XSRF / XSS / Path Disclosure

Posted Apr 19, 2011

Authored by High-Tech Bridge SA | Site htbridge.com

Dalbum version 1.43 suffers from cross site request forgery, cross site scripting, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf

SHA-256 | 09372ad70aa1abc41f8aa4a481a03890c923d2e52985bf88da28c1730df43db1

Download | Favorite | View

Secunia Security Advisory 44078

Posted Apr 15, 2011

Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered multiple vulnerabilities in PHP Album, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks and compromise a vulnerable system.

tags | advisory, php, vulnerability, xss, csrf

SHA-256 | 250551d6477eec634d672bf9afe15cb68288d5564a7dce79a3407a31e4e608cc

Download | Favorite | View

phpAlbum.net 0.4.1-14_fix06 XSS / XSRF / Command Execution

Posted Apr 14, 2011

Authored by High-Tech Bridge SA | Site htbridge.com

phpAlbum.net version 0.4.1-14_fix06 suffers from cross site request forgery, cross site scripting, and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, xss, csrf

SHA-256 | d3b3b2fe24c513488e371d057b26f458e7b0f4c91bfcc64d6293c28262d7bbbb

Download | Favorite | View

GRAND Flash Album Gallery 0.55 SQL Injection / File Disclosure

Posted Mar 8, 2011

Authored by High-Tech Bridge SA | Site htbridge.com

GRAND Flash Album Gallery WordPress plugin version 0.55 suffers from remote SQL injection and file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure

SHA-256 | 2e380e18f2ca3a4c01a87b1b6c137237d8ca4b642dc12ce6c0f32975a86bf800

Download | Favorite | View

Secunia Security Advisory 43648

Posted Mar 8, 2011

Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered two vulnerabilities in the GRAND Flash Album Gallery plugin for WordPress, which can be exploited by malicious people to disclose sensitive information and conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection

SHA-256 | d6f5af5200cd032d07abe6c20ce45e1582698a4bd2094773b362616b2cb816ad

Download | Favorite | View

EasyPhpAlbum 1.4.4 Remote File Inclusion

Posted Jan 26, 2011

Authored by DIES3L

EasyPhpAlbum version 1.4.4 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion

SHA-256 | 2bae0999d88f5244b8451e4077620bf50cbb209654f694efb49c8232a4aaaeee

Download | Favorite | View

Various Software DLL Hijacking

Posted Oct 28, 2010

Authored by APA IUTCERT

ACDSee Photo Manager, FlipAlbum Vista Pro, Internet Download Manager, Nessus Client, Orbit Downloader, Secunia PSI and WinMerge all suffer from an insecure library loading / DLL hijacking vulnerability.

tags | advisory

SHA-256 | e351ec50286cc84d95d4590ed5d70f3ce2de0cae42c7aa135fc7c39567db4ff9

Download | Favorite | View

Secunia Security Advisory 41752

Posted Oct 17, 2010

Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the MG User-Fotoalbum module for PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, php, sql injection

SHA-256 | ee0d7aadc857fa09007ced60f0f4a1a08d454cf3ae49924f30eae915d393e485

Download | Favorite | View

PHP-Fusion MG User-Fotoalbum SQL Injection

Posted Oct 11, 2010

Authored by Easy Laster

PHP-Fusion MG User-Fotoalbum suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection

SHA-256 | 967edeb547e4adc6c8736fb937e8dd20c1d1f59017d026dd6a61d5841e1d277c

Download | Favorite | View

Atomic Photo Album 1.0.2 SQL Injection / Cross Site Scripting

Posted Aug 27, 2010

Authored by sh00t0ut

Atomic Photo Album version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection

SHA-256 | 0c2bcceba9439a45aac31417029510fb1f5f4fdc4a980e61123922f07f5c5f8e

Download | Favorite | View