1114 matches found
MyBulletinBoard (MyBB) 1.2.2 - CLIENT-IP SQL Injection
MyBulletinBoard MyBB 1.2.2 - CLIENT-IP SQL Injection !/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments ОпиÑание: Работа ÑкÑплойта оÑнована на sql-инъекции в HTTPCLIENTIP...
PHPCC 4.2 Beta - nickpage.php?npid SQL Injection
PHPCC 4.2 Beta - nickpage.php?npid SQL Injection !/usr/bin/perl Script Name: phpCC Beta : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User : "; $ID = ; chop $ID; if $ID = /exit/ print...
Easy File Sharing Web Server protection bypass
By using alternative NTFS-streams it's possible to retrieve protected data, including accounts and passwords...
more.groupware <= 0.74 (new_calendarid) Remote SQL Injection Exploit
No description provided by source. ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...
EShoppingPro 1.0 - 'Search_Run.asp' SQL Injection
source: https://www.securityfocus.com/bid/20089/info EShoppingPro is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. An attacker may be able to exploit this issue to modify the logic of SQL queries...
Ultimate PHP Board <= 1.9.6 GOLD users.dat Password Decryptor
Exploit for unknown platform in category web applications ============================================================= Ultimate PHP Board = 1.9.6 GOLD users.dat Password Decryptor ============================================================= !/usr/bin/perl Passwords Decrypter for UPB = 1.9.6...
Woltlab Burning Board SQL Injection Vulnerability
GulfTech Security Research May 16th, 2005 Vendor : Woltlab GmbH URL : http://www.woltlab.de/ Version : Burning Board 2. And Earlier Risk : SQL Injection Vulnerabilities Description: Burning Board is a popular, multi purpose forum / community software offered by WoltLab GmbH. There is an SQL...
phpBB206.txt
phpBB v2.06 searchid sql injection exploit -Hat-Squad Security Team- Using this query you will get MD5 password hash for useruid as highlight variable for viewtopic.php in search results page.Works with mysql4. http://site.com/search.php?searchid=1%20union%20select%20concatchar...
Several Mambo 4.0.14 Stable Exploits
Product : Mambo 4.0.14 Stable Website : http://www.mamboserver.com/ Status : Vendor notified via email Imapct : Search for "Mambo Open Source is Free Software released under the GNU/GPL License." with quotes returned more than 500 results. Credit : lifofifo, hackingzone.org Originally posted at :...
SimpleChat Information Disclosure
It is possible to retrieve list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...
CVE-2001-0327
iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server...
@stake Security Advisory: iPlanet Web Server 4.x Response Header Overflow (A041601-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Notification Advisory Name: iPlanet Web Server Enterprise Edition 4.0, 4.1 Response Header Overflow Release Date: 04/16/2001 Application: iPlanet Web Server Enterprise Edition 4.0, 4.1 Platform: Solaris...
ALERT: Remote Retrieval Of Authentication Data From Internet Explorer
=====BEGIN-ACROS-REPORT===== ========================================================================= ACROS Security Problem Report 2000-07-22-2-PUB ------------------------------------------------------------------------- Remote Retrieval Of Authentication Data From Internet Explorer...
CVE-2000-0058
CVE-2000-0058 affects HotSync Manager (Handsᴘʀᴛ Visor ecosystem). The OpenVAS NASL entry describes a Denial of Service: sending garbage to TCP port 14238 can crash HotSync Manager. CVSS 2.0 base score 5.0 (Network, low complexity, no authentication). The NVD/CVE records cite an authentication iss...