gss31-sql.txt

GameSiteScript Profile$id SQL-Injection Exploit Vulnerability Discovered By: Xenduer77 ---July 7th, 2007 $id Is passed straight to the query without being filtered. SQL-INJECTION: For Version 3.1: -------...

FlashGameScript <= 1.7 (user) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ FlashGameScript = 1.7 user Remote SQL Injection Vulnerability ================================================================ FlashGameScript = 1.7 member.php$user...

PT-2006-7480 · Unknown · Phpirc Bot

Name of the Vulnerable Software and Affected Versions: PHPIrc bot version 0.2 Description: A remote file inclusion issue in the php4you.php file allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. Recommendations: For PHPIrc bot version 0.2, consider validating a...

CVE-2006-6190

SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 aka caprice allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: it is possible that there are multiple issues...

CVE-2006-6190

SQL injection vulnerability in anna.pl in Anna^ IRC Bot before 0.30 aka caprice allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: it is possible that there are multiple issues...

CVE-2006-6190

CVE-2006-6190 : SQL injection in the Anna^ IRC Bot (Anna) script anna.pl, affected before version 0.30. Remote attackers can cause arbitrary SQL execution via unspecified vectors. No further exploit details are provided in the available documents; remediation guidance (e.g., patch to 0.30+) would...

Anna IRC Bot Anna.PL SQL注入漏洞

Anna IRC Bot是一款IRC的机器人程序。 Anna IRC Bot不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行sql注入攻击，获得敏感信息。 问题是由于'Anna.PL'脚本对用户提交的多个参数缺少过滤，提交恶意sql查询作为参数数据，可更改原来的sql逻辑，获得敏感信息。 Anna^ IRC Bot Anna^ IRC Bot 0.20 Anna^ IRC Bot Anna^ IRC Bot 0.10 升级到Anna IRC Bot 0.30版本：...

EnergyMech IRC bot DoS

Crash on empty CTCP NOTICE message...

Targeted attack: experience from the trenches

Targeted attack: experience from the trenches Published: 2006-05-19, Last Updated: 2006-05-19 17:36:01 UTC by Chris Carboni Version: 2click to highlight changes Learning lessons from incidents is a very important part of incident handling. Yet with targeted attacks it is very hard as you need to...

CVE-2006-2399

Stack-based buffer overflow in the ServerNetworking::incomingclientdata function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a datafilerequest command with a long 1 type or 2 name...

CVE-2006-2400

The leetnet functions leetnet/rudp.cpp in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service game interruption via large packets, which cause an exception to be thrown...

IRC bot detection

This host seems to be running an ident server, but before any request is sent, the server gives an answer about a connection to port 6667. SPDX-FileCopyrightText: 2005 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

IRC bot ident server detection

This host seems to be running an ident server, but the ident server responds to an empty query with a random userid. This behavior may be indicative of an irc bot, worm, and/or virus infection. It is very likely this system has been compromised. OpenVAS Vulnerability Test $Id: identbackdoor.nasl...

IRC bot ident server detection

This host seems to be running an ident server, but the ident server responds to an empty query with a random userid. This behavior may be indicative of an irc bot, worm, and/or virus infection. It is very likely this system has been compromised. SPDX-FileCopyrightText: 2005 Brian Smith-Sweeney So...

MediaWiki < 1.3.17 / 1.4.11 / 1.5.0 Multiple Vulnerabilities

According to its version number, the version of MediaWiki running on the remote host is affected by multiple vulnerabilities : - A denial of service vulnerability exists due to an unspecified flaw in 'edit submission handling' that causes the corruption of the previous submission. A remote attack...

IRC Bot Detection

This host seems to be running an ident server, but before any request is sent, the server gives an answer about a connection to port 6667. It is very likely this system has been compromised by an IRC bot and is now a 'zombie' that can participate in 'distributed denial of service' DDoS attacks...

phpBB 2.0.10 - ssh.D.Worm Bot Install Altavista

phpBB 2.0.10 - ssh.D.Worm Bot Install Altavista !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL";...

phpBB <= 2.0.10 Bot Install (Altavista) (ssh.D.Worm)

Exploit for unknown platform in category web applications ==================================================== phpBB / $ae= s//$1/; $uber=$1; $uber = s/ //g; $uber = s///g; $uber = s///g; $uber = s/wb...

Sanity.b - phpBB <= 2.0.10 Bot Install (AOL/Yahoo Search)

Exploit for unknown platform in category web applications ========================================================= Sanity.b - phpBB newPeerAddr="$site",PeerPort="80",Proto="tcp" or next; print $sock "GET /aolcom/search?q=$procura&Stage=0&page=$n HTTP/1.0\n\n"; @resu = ; close$sock; $ae = "@resu"...

CVE-2004-0274

Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STATOFFERED status to a bot that is not a sharebot, which allows remote attackers to use STATOFFERED to promote a bot to a sharebot and conduct unauthorized activities...