7698 matches found
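sphpblog multiple input validation vulnerabilities
Simple PHP Blog is a simple blog application that requires no database. sphpblog contains multiple vulnerabilities caused by the application failing to properly validate user input. Remote attackers can exploit these vulnerabilities to obtain sensitive information or execute arbitrary code. A. Full path disclosure http://Url/sphpblog/scripts/sbfunctions.php Ex: Warning: mainscripts/sbfileio.php: failed to open stream: No such file or directory in /var/www/sphpblog/scripts/sbfunctions.php on line 52...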
Php5 GPC bypass flaw-vulnerability warning-the black bar safety net
Before we discuss the specific flaw, a little background on PHP security. The magic_quotes_gpc option is one of PHP's important security settings; when the option is ON, that is, enabled, all data passed in from GET, POST and COOKIE in the'," and,...
Light Blog Multiple Vulnerabilities Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "\r\n"; echo "Light Blog Multiple Vulnerabilities Exploit\r\n"; echo "by BlackHawk [email protected]\r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0."...
Light Blog Remote Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications ================================================== Light Blog Remote Multiple Vulnerabilities Exploit ================================================== !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and...
Light Blog Remote Multiple Vulnerabilities Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "\r\n"; echo "Light Blog Multiple Vulnerabilities Exploit\r\n"; echo "by BlackHawk [email protected]\r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0."...
Light Blog Remote - Multiple Vulnerabilities
!/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: Title Post\r\n"; echo " |- Es: php ".$argv0." localhost /blog/ 1 Hacked I Got You\r\n\r\n"; echo " 2 - Deface Blog With XSS\r\n"; echo " |- Related: WebPage\r\n"; ec...
Light Blog Remote - Multiple Vulnerabilities
Light Blog Remote - Multiple Vulnerabilities !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: Title Post\r\n"; echo " |- Es: php ".$argv0." localhost /blog/ 1 Hacked I Got You\r\n\r\n"; echo " 2 - Deface Blog With...
SQL Injection simplog
Software: Simplog www.simplog.org version:0.9.3.1 I assume others as well There are a few sql injections available with this software. This one is in preview.php eg. http://site/preview.php?blogid=2&adm=tem&tid=-120union20select20passw ord20from20blogusers20where20name='insert username here'...
Simplog0.9.3.1.txt
// http://www.w4cking.com CREDIT: w4ck1ng.com PRODUCT: Simplog 0.9.3.1 http://www.simplog.org/ VULNERABILITY: SQL Injection NOTES: - SQL injection can be used to obtain password hash - requires at least one blog entry POC:...
Simplog 0.9.3.1 SQL Injection
// http://www.w4cking.com CREDIT: w4ck1ng.com PRODUCT: Simplog 0.9.3.1 http://www.simplog.org/ VULNERABILITY: SQL Injection NOTES: - SQL injection can be used to obtain password hash - requires at least one blog entry POC: host/path/comments.php?op=edit&cid=120union20select209,9,9,login,...
CVE-2006-5383
SQL injection vulnerability in comadd.php in Def-Blog 1.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the article parameter...
CVE-2006-5383
The CVE-2006-5383 entry describes an SQL injection in Def-Blog 1.0.1 and earlier, exploitable via the article parameter in comadd.php. Affected software is Def-Blog (version 1.0.1 and earlier). Root cause: improper handling of user-supplied input in the article parameter leading to SQL command ex...
Simplog <= 0.9.3.1 comments.php Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================ Simplog = 0.9.3.1 comments.php Remote SQL Injection Exploit ============================================================ !/usr/bin/php ?php / Simplog 0.9.3.1 Remote SQL Injection...
Def-Blog <= v1.0.1 (article) Remote SQL Injection Exploit
============================================================================================== Def-Blog = v1.0.1 article Remote SQL Injection Exploit =============================================================================================== Critical Level : Dangerous Vendor site :...
Simplog 0.9.3.1 - comments.php SQL Injection
Simplog 0.9.3.1 - comments.php SQL Injection !/usr/bin/php input type=text name=c...
Def-Blog 1.0.3 - comadd.php SQL Injection
Def-Blog 1.0.3 - comadd.php SQL Injection ============================================================================================== Def-Blog = v1.0.1 article Remote SQL Injection Exploit =============================================================================================== Critical...
Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================= Def-Blog = 1.0.3 comadd.php Remote SQL Injection Vulnerability =================================================================...
Def-Blog <= 1.0.3 (comadd.php) Remote SQL Injection Vulnerability
No description provided by source. ============================================================================================== Def-Blog = v1.0.1 article Remote SQL Injection Exploit =============================================================================================== Critical Level :...
Def-Blog 1.0.3 - 'comadd.php' SQL Injection
============================================================================================== Def-Blog = v1.0.1 article Remote SQL Injection Exploit =============================================================================================== Critical Level : Dangerous Vendor site :...