7699 matches found
Blog PixelMotion - categorie SQL Injection
Blog Pixel Motion Sql Injection Vulnerability Author : parad0x Home : www.inso.host.sk Script : Blog PixelMotion Download :...
Blog PixelMotion - 'sauvBase.php' Arbitrary Database Backup
JIKI Team JIKO + KIl1er Author : jiko jiki team email : [email protected] Home : www.no-back.org Script : Blog PixelMotion Bug : Database...
destar 0.2.2-5 Arbitrary Add New User Exploit
No description provided by source. #!/usr/bin/python Exploit for destar 0.2.2-5, tested on Linux Debian Bug found and exploit coded by a non root user http://nonroot.blogspot.com January 2008 This is a PoC, please use it just for learning how to exploit something use: $python ./exploitcode.py...
Destar 0.2.2-5 - Arbitrary Add Admin
#!/usr/bin/python Exploit for destar 0.2.2-5, tested on Linux Debian Bug found and exploit coded by a non root user http://nonroot.blogspot.com/ January 2008 This is a PoC, please use it just for learning how to exploit something use: $python ./exploitcode.py...
Joomla! Component d3000 1.0.0 - SQL Injection
Powered by Download 3000 AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "Powered by Download 3000" DORK 2 : allinurl: "comd3000" EXPLOiT :...
CVE-2008-1370
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Remote file inclusion
PHP remote file inclusion vulnerability in index.php in wildmary Yap Blog 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-1370
The provided connected sources confirm CVE-2008-1370 is a remote file inclusion vulnerability in Yap Blog’s index.php. Affected software: Yap Blog 1.1 (and up to 1.1.1 per OpenVAS entry). Root cause: insufficient sanitization/validation of user-supplied input, allowing a crafted URL in the page p...
yapblog-rfi.txt
Description: Yap Blog 1.1 Remote File Include RFI Script Name: Yap Blog 1.1 Author : THEMILLER contact : themilleratlinuxmail.org Download URL : http://wildmary.net-sauvage.com/share/yap1.1.tar.gz Bug Type: Remote File Inclusion Bug In: index.php Vulnerable Code: if isset$GET'page' include...
Bloo 1.00 - Multiple SQL Injections
Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection...
Bloo 1.00 - Multiple SQL Injections
Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection Author: MhZ91 Title: Bloo - Object...
Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. Bloo - Object Oriented Blog Software = v.1.00 Remote Sql Injection...
Sun JDK image parsing vulnerabilities
Hi, A couple more JPEG ICC parsing bugs were fixed in the latest JDK updates. Full technical details: http://scary.beasts.org/security/CESA-2007-005.html The most interesting part is the faulty code: Limit = SpGetUInt32 Buf; ... UInt16Ptr = KpUInt16t SpMalloc Limit KpInt32tsizeof UInt16Ptr; ... f...
Yap Blog 1.1 - index.php Remote File Inclusion
source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and...
Yap Blog 1.1 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/28120/info Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also...
WordPress Plugin Recipes Blog - 'id' SQL Injection
source: https://www.securityfocus.com/bid/27856/info The WordPress Recipes Blog plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
WordPress Plugin Recipes Blog - id SQL Injection
source: https://www.securityfocus.com/bid/27856/info The WordPress Recipes Blog plugin is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue...
Cross site scripting
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter...
CVE-2008-0676
Cross-site scripting (XSS) vulnerability in search.php in A-Blog 2 allows remote attackers to inject arbitrary web script or HTML via the words parameter...
Sql injection
SQL injection vulnerability in blog.php in A-Blog 2 allows remote attackers to execute arbitrary SQL commands via the id parameter in a news action...