266 matches found
MOTIONBORG Web Real Estate <= 2.1 SQL Injection Vulnerability
No description provided by source. Title : MOTIONBORG Web Real Estate = v2.1 Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.motionborg.com $$ : Unlimited Agents- $1,475.00 ajann SQL Injector Beta= Script Tables & Columns -dtproperties- id objectid property value...
easy notes manager sql injection and authentication bypass
easy notes manager eNM version 0.0.1, available at http://217.172.179.216/evandor/html/index.php?id=103 is affected by multiple sql injection vulnerability due to a missing check of the user supplied input. An attacker can bypass the authentication procedure and get a full dump of the database...
webSPELL 4.01.01 - 'getsquad' SQL Injection
WebSPELL = 4.01.01 getsquad Remote SQL Injection Exploit by: Kiba EXPLOIT: http://PAGE/PATH/index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+PREFIXuser/ REPLACE: if the website is http://yourwebsite.de/webspell/index.php PAGE with "yourwebsite.de" PATH with...
Invision Power Board 2.1 < 2.1.6 - SQL Injection (1)
!/usr/bin/perl Invision Power Board v2.1 "r57ipb216gui" ; $mw-geometry '420x550' ; $mw-resizable0,0; $mw-Label-text = '!', -font = 'Webdings 22'-pack; $mw-Label-text = 'Invision Power Board 2.1. 'Verdana 7 bold',-foreground='red'-pack; $mw-Label-text = ''-pack; $fleft=$mw-Frame-pack -side = 'left...
Oracle views fail to enforce table security settings
Overview A vulnerability in the way Oracle handles views may allow an attacker to modify privileged database information. Description Database Views A view is a queryable aggregation of data from one or more tables that is stored and maintained. The Problem A vulnerability in the way that Oracle...
CVE-2004-1828
Vcard 2.9 and possibly other versions does not require authorization to run uninstall.php, which could allow remote attackers to uninstall Vcard and delete database tables via a direct request to uninstall.php...