Cyberoam - Blind SQL Injection

Description The username field in the captive portal of Cyberoam NG firewall is vulnerable to SQL Injection and can be exploited to execute sql commands on the database. The username field is vulnerable to the following types of SQL Injections a Boolean-based blind sql injection b Stacked...

freeSSHd 1.3.1 Denial Of Service

Exploit title: freesshd 1.3.1 denial of service vulnerability Date: 28-8-2015 Vendor homepage: http://www.freesshd.com Software Link: http://www.freesshd.com/freeSSHd.exe Version: 1.3.1 Author: 3unnym00n Details: ---------------------------------------------- byte SSHMSGCHANNELREQUEST uint32...

ResourceSpace CMS 7.3.7009 SQL Injection Vulnerability

ResourceSpace CMS versions 7.3.7009 and below suffer from a remote SQL injection vulnerability. Title: Blind boolean sql injection vulnerability in ResourceSpace CMS Author: William F. Reyor III Contact: email protected Published: August 22 2015 Vendor: Montala Limited Vendor url:...

Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez Martinez i0akiN...

ApPHP Hotel Site 3.x.x SQL Injection Vulnerability

ApPHP Hotel Site version 3.x.x suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data. ApPHP Hotel site SQLi Vulnerability ApPHP Hotel Site is an Hotel application programs using PHP Language. title : ApPHP Hotel Site v.3.x.x. godork : ".php?pid=" "ApP...

Amazon Product In a Post Plugin - SQL Injection

amazon-product-in-a-post.php - this plugin takes raw user values and uses it delete from the database. This query can be manipulated to perform SQL injection attacks. Line 40: $tempswe = $wpdb-query"DELETE FROM $wpdb-prefixamazoncache WHERE Cacheid ='$wp-queryvars'appip-cache-id'' LIMIT 1;"; sqlm...

OracleVM 3.3 : openssl (OVMSA-2015-0039)

The remote OracleVM system is missing necessary patches to address critical security updates : - update fix for CVE-2015-0287 to what was released upstream - fix CVE-2015-0209 - potential use after free in d2iECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix...

openssl security update

1.0.1e-30.7 - update fix for CVE-2015-0287 to what was released upstream 1.0.1e-30.6 - fix CVE-2015-0209 - potential use after free in d2iECPrivateKey - fix CVE-2015-0286 - improper handling of ASN.1 boolean comparison - fix CVE-2015-0287 - ASN.1 structure reuse decoding memory corruption - fix...

OpenSSL 'ASN1_TYPE_cmp' Function Denial of Service Vulnerability

OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. A denial of service vulnerability exists in the 'ASN1TYPEcmp' function of OpenSSL 'crypto/asn1/atype.c'. Due to the program failing t...

Ubuntu 14.04 LTS : OpenSSL vulnerabilities (USN-2537-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2537-1 advisory. It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to...

USN-2537-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. CVE-2015-0209 Stephen Henson discovered that OpenSSL incorrectly handled...

Joomla! Component ECommerce-WD 1.2.5 - SQL Injection

Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple unauthenticated SQL injections available via the advanced search functionality. http://extensions.joomla.org/extension/ecommerce-wd The vulnerable parameters are searchcategoryid, sortorder, and filtermanufacturerids within the...

UBUNTU-CVE-2015-0286

The ASN1TYPEcmp function in crypto/asn1/atype.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not properly perform boolean-type comparisons, which allows remote attackers to cause a denial of service invalid read operation and application crash...

53KF某处一个注入点

简要描述： 某处的一个注入 详细说明： 存在注入的地址: http://www10.53kf.com/zdydbgg2.php?styleid=106098168&companyid=72067196&dbggtype=2 sqlmap identified the following injection points with a total of 0 HTTPs requests: --- Place: GET Parameter: styleid Type: boolean-based blind Title: AND boolean-based blind - WHERE or...

Cart Engine 3.0 - Multiple Vulnerabilities

=== Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially crafted HTTP request, it is possible to exploi...

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

=== Details === Quantum Leap Advisory: http://www.quantumleap.it/cart-engine-3-0-multiple-vulnerabilities-sql-injection-reflected-xss-open-redirect/ Affected Product: Cart Engine Version: 3.0 === Executive Summary === SQL Injection: Using a specially crafted HTTP request, it is possible to exploi...

@CMS 2.1.1 SQL Injection

SQL Injection on @CMS 2.1.1 Stable Risk: High CWE number: CWE-89 Date: 22/08/2014 Vendor: www.atcode.net Author: Felipe " Renzi " Gabriel Contact: [email protected] Tested on: Linux Mint Vulnerable File: articles.php Exploit: http://host/articles.php?catid=SQLI PoC:...

Raritan PowerIQ Unauthenticated SQL Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Raritan PowerIQ Unauthenticated SQL Injection", 'Description' = %q This module will exploit an unauthenticated SQL injection in order...

Microsoft MSN HBE - TB Blind SQL Injection Vulnerability

Document Title: =============== Microsoft MSN HBE - TB Blind SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1183 Video: http://www.vulnerability-lab.com/getcontent.php?id=1282 Vulnerability Magazine:...

InvGate Service Desk 4.2.36 SQL Injection Vulnerability

InvGate Service Desk version 4.2.36 suffers from multiple remote SQL injection vulnerabilities. InvGate Service Desk v4.2.36 multiple vulnerabilities http://www.invgate.com/en/service-desk/ http://www.invgate.com/en/service-desk/on-premise-trial/ Invgate Service Desk suffers from many SQL...