hackerbinhphuoc

CVE-2007-5776 EXPLOITDB text WRITEUP

i-Gallery 3.4 - Path Traversal via Encoded Backslash Sequences in d Parameter

Directory traversal vulnerability in igallery.asp in Blue-Collar Productions i-Gallery 3.4 allows remote attackers to read arbitrary files via encoded backslash sequences in the d parameter, as demonstrated by a "%5c../../%5c" sequence.

View Code

CVE-2008-5222 EXPLOITDB text WORKING POC

dvbbs 8.2.0 - SQL Injection via login.asp Username Parameter

SQL injection vulnerability in login.asp in Dvbbs 8.2.0 allows remote attackers to execute arbitrary SQL commands via the username parameter.

View Code