Lucene search
K

1114 matches found

exploitpack
exploitpack
added 2007/04/12 12:0 a.m.36 views

MyBulletinBoard (MyBB) 1.2.2 - CLIENT-IP SQL Injection

MyBulletinBoard MyBB 1.2.2 - CLIENT-IP SQL Injection !/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments Описание: Работа эксплойта основана на sql-инъекции в HTTPCLIENTIP...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2007/02/13 12:0 a.m.15 views

PHPCC 4.2 Beta - nickpage.php?npid SQL Injection

PHPCC 4.2 Beta - nickpage.php?npid SQL Injection !/usr/bin/perl Script Name: phpCC Beta : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User : "; $ID = ; chop $ID; if $ID = /exit/ print...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2006/10/31 12:0 a.m.41 views

Easy File Sharing Web Server protection bypass

By using alternative NTFS-streams it's possible to retrieve protected data, including accounts and passwords...

3.2AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2006/09/19 12:0 a.m.22 views

more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit

No description provided by source. ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/09/18 12:0 a.m.27 views

EShoppingPro 1.0 - 'Search_Run.asp' SQL Injection

source: https://www.securityfocus.com/bid/20089/info EShoppingPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. An attacker may be able to exploit this issue to modify the logic of SQL queries...

7.4AI score
Exploits0
0day.today
0day.today
added 2005/06/16 12:0 a.m.40 views

Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor

Exploit for unknown platform in category web applications ============================================================= Ultimate PHP Board = 1.9.6 GOLD users.dat Password Decryptor ============================================================= !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2005/05/17 12:0 a.m.110 views

Woltlab Burning Board SQL Injection Vulnerability

GulfTech Security Research May 16th, 2005 Vendor : Woltlab GmbH URL : http://www.woltlab.de/ Version : Burning Board 2. And Earlier Risk : SQL Injection Vulnerabilities Description: Burning Board is a popular, multi purpose forum / community software offered by WoltLab GmbH. There is an SQL...

8.4AI score
Exploits0
Packet Storm
Packet Storm
added 2003/12/01 12:0 a.m.26 views

phpBB206.txt

phpBB v2.06 searchid sql injection exploit -Hat-Squad Security Team- Using this query you will get MD5 password hash for useruid as highlight variable for viewtopic.php in search results page.Works with mysql4. http://site.com/search.php?searchid=1%20union%20select%20concatchar...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/09/19 12:0 a.m.29 views

Several Mambo 4.0.14 Stable Exploits

Product : Mambo 4.0.14 Stable Website : http://www.mamboserver.com/ Status : Vendor notified via email Imapct : Search for "Mambo Open Source is Free Software released under the GNU/GPL License." with quotes returned more than 500 results. Credit : lifofifo, hackingzone.org Originally posted at :...

7.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/03/25 12:0 a.m.24 views

SimpleChat Information Disclosure

It is possible to retrieve list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...

5.5AI score
Exploits0References1
NVD
NVD
added 2001/07/02 4:0 a.m.16 views

CVE-2001-0327

iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server...

5CVSS6.7AI score0.0312EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/04/20 12:0 a.m.31 views

@stake Security Advisory: iPlanet Web Server 4.x Response Header Overflow &#40;A041601-1&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Notification Advisory Name: iPlanet Web Server Enterprise Edition 4.0, 4.1 Response Header Overflow Release Date: 04/16/2001 Application: iPlanet Web Server Enterprise Edition 4.0, 4.1 Platform: Solaris...

5CVSS0.0312EPSS
Exploits0
securityvulns
securityvulns
added 2000/10/16 12:0 a.m.32 views

ALERT: Remote Retrieval Of Authentication Data From Internet Explorer

=====BEGIN-ACROS-REPORT===== ========================================================================= ACROS Security Problem Report 2000-07-22-2-PUB ------------------------------------------------------------------------- Remote Retrieval Of Authentication Data From Internet Explorer...

0.1AI score
Exploits0
CVE
CVE
added 2000/02/04 5:0 a.m.57 views

CVE-2000-0058

CVE-2000-0058 affects HotSync Manager (Handsᴘʀᴛ Visor ecosystem). The OpenVAS NASL entry describes a Denial of Service: sending garbage to TCP port 14238 can crash HotSync Manager. CVSS 2.0 base score 5.0 (Network, low complexity, no authentication). The NVD/CVE records cite an authentication iss...

5CVSS6.7AI score0.01409EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder