Lucene search
K

1116 matches found

myhack58
myhack58
added 2009/12/11 12:0 a.m.23 views

How to use the database to crack the md5-vulnerability warning-the black bar safety net

Why password the number of bits short of MD5 unsafe? A length of 4 pure lowercase letters to generate passwords in the database with the help of Can in 0. 005s is cracked. This time also includes a connection to the database the time, the running environment is in my 900MHZ personal PC. Note that...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2009/02/26 12:0 a.m.42 views

Apache Tomcat information leak

Under some conditions it's possible to retrieve data from previous POST request...

2.6CVSS2.5AI score0.03914EPSS
Exploits2References1Affected Software1
seebug.org
seebug.org
added 2009/02/10 12:0 a.m.42 views

BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/11/20 12:0 a.m.21 views

PHP-Fusion 7.00.1 - messages.php SQL Injection

PHP-Fusion 7.00.1 - messages.php SQL Injection \n" . " php $argv0 localhost /php-fusion/ user s3cret "SELECT database"\n". " php $argv0 localhost / user s3cret "SELECT loadfile0x2F6574632F706173737764"\n\n"; die; echo "Logging into system..."; //login to php-fusion using login and pass...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/11/19 12:0 a.m.21 views

ethiclinks-sql.txt

----------------------------------------------------------------------------------------------------------------------------------------------------- Ethiclinks link.php?catid linkdirectory.php?catid directory-links.php?catid Remote SQL Injection Vulnerability http://www.ethiclinks.com/...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/09/28 12:0 a.m.32 views

Pro Chat Rooms 3.0.3 - SQL Injection

Author: !DoktOR! Date found: 28.09.08 Product: Pro Chat Rooms Version: 3.0.3 Price: $55 URL: www.prochatrooms.com Vulnerability Class: SQL Injection Condition: magicquotesgpc = Off Exploit 1:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/06/25 12:0 a.m.21 views

PHPmotion 2.0 - update_profile.php Arbitrary File Upload

PHPmotion 2.0 - updateprofile.php Arbitrary File Upload = $limitsize 269. // Display file size error 270. // /////////////////////// 271. $show = 1; 272. $messagetype = $config"notificationsuccess";//the messsage displayed at t...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/11 12:0 a.m.28 views

JAMM CMS - 'id' Blind SQL Injection

!/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by JAMM" http://www.site.de/cms/?id=blah Ok when we give $id an unexpected value like this we get an SQL Error. Unfortunately the script is so rude that it doesn't want to show us any data when we UNION...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/04/04 12:0 a.m.22 views

Comdev News Publisher 4.1.2 - SQL Injection

Comdev News Publisher 4.1.2 - SQL Injection --==+================================================================================+==-- --==+ Comdev News Publisher SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovere...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2008/02/27 12:0 a.m.14 views

eazyPortal 1.0 - cookie SQL Injection

eazyPortal 1.0 - cookie SQL Injection !/usr/bin/perl Vendor url: http://www.eazyportal.com/ by Iron - http://www.randombase.com exploit goes through $COOKIE use LWP::UserAgent; use MIME::Base64; print " EazyPortal ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .=...

0.6AI score
Exploits0
0day.today
0day.today
added 2008/01/22 12:0 a.m.36 views

Invision Gallery <= 2.0.7 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== Invision Gallery "r57ig207" ; $mw-geometry '420x510' ; $mw-resizable0,0; $mw-Label-text = '!', -font = 'Webdings 22'-pack; $mw-Label-text = 'Invision Gallery 'Verdana 7...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2008/01/06 12:0 a.m.122 views

INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION EXPLOIT

---- INVISION POWER BOARD 2.1.7 EXPLOIT ... ITDefence.ru Antichat.ru INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION Eugene Minaev [email protected] / / . / /// // / / // / / / /// / / / / / // / / / / / / / / / / / / / / / / / // / / / / // / // / / / // 2007 //// // // // // / . -...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2007/07/03 12:0 a.m.79 views

[Full-disclosure] POWER PHLOGGER v.2.2.5 &#40;username&#41; SQL Injection

POWER PHLOGGER v.2.2.5 username SQL Injection Author: Attila Gerendi Darkz Date: June 25, 2007 Package: POWER PHLOGGER http://www.phpee.com/ Versions Affected: v.2.2.5 Other versions may also be affected Severity: SQL Injection Description: Input passed to the "username" parameter in "login.php"...

0.6AI score
Exploits0
seebug.org
seebug.org
added 2007/06/13 12:0 a.m.21 views

Fuzzylime Forum 1.0 (low.php topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Fuzzylime Forum 1.0 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code low.php: $gettopicid = mysqlquery"SELECT FROM $tableprefixthreads WHERE...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/01 12:0 a.m.33 views

RevokeBB 1.0 RC4 - Blind SQL Injection / Hash Retrieve

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love ------------------------------------------------------------- "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.="...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/05/25 12:0 a.m.15 views

My Little Forum 1.7 - user.php?id SQL Injection

My Little Forum 1.7 - user.php?id SQL Injection !/usr/bin/perl -w My Little Forum = 1.7 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code user.php: if isset$GET'id' $id = $GET'id'; switch $action case "get...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/05/25 12:0 a.m.28 views

My Little Forum 1.7 - &#039;user.php?id&#039; SQL Injection

!/usr/bin/perl -w My Little Forum = 1.7 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code user.php: if isset$GET'id' $id = $GET'id'; switch $action case "get userdata": if empty$id $id = $userid; else $result =...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/05/11 12:0 a.m.16 views

SimpleNews &lt;= 1.0.0 FINAL (print.php news_id) SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w SimpleNews = 1.0.0 FINAL SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code print.php: $newsid = $GET'newsid'; $query = "SELECT FROM simplenewsarticles WHERE...

7.1AI score
Exploits0
Prion
Prion
added 2007/04/30 11:19 p.m.25 views

Design/Logic Flaw

The jQuery framework exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and captures the data using other...

5CVSS9.1AI score0.02771EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2007/04/30 11:19 p.m.23 views

CVE-2007-2383

The Prototype prototypejs framework before 1.5.1 RC3 exchanges data using JavaScript Object Notation JSON without an associated protection scheme, which allows remote attackers to obtain the data via a web page that retrieves the data through a URL in the SRC attribute of a SCRIPT element and...

5CVSS6AI score0.02374EPSS
Exploits0References2
Rows per page
Query Builder