
738 matches found

securityvulns • added 2005/05/20 12:00 a.m. • 63 views

[EXPL] Invision Power Board SQL Injection Vulnerability (member_id, Exploit)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

AI score: 0.1 | Exploits: 0

Exploit DB • added 2005/04/26 12:00 a.m. • 89 views

MetaCart E-Shop V-8 - 'IntProdID' SQL Injection

source: https://www.securityfocus.com/bid/13376/info An SQL injection vulnerability affects MetaCart e-Shop V-8. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker may exploit this issue to manipulate SQL...

AI score: 7.4 | Exploits: 0

Tenable Nessus • added 2005/04/08 12:00 a.m. • 42 views

PunBB profile.php id Parameter SQL Injection

According to its banner, the version of PunBB installed on the remote host fails to properly sanitize user input to the script 'profile.php' through the 'changeemail' parameter prior to using it in a SQL query. Once authenticated, an attacker can exploit this flaw to manipulate database queries,...

CVSS: 6.5 | AI score: 5.8 | EPSS: 0.02068 | Exploits: 1 | References: 2

Exploit DB • added 2005/01/25 12:00 a.m. • 20 views

MercuryBoard 1.1 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/12359/info Multiple input validation vulnerabilities affect MercuryBoard. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in critical functionality. An attacker may leverage these issues to...

AI score: 7.4 | Exploits: 0

Exploit DB • added 2004/09/27 12:00 a.m. • 20 views

FreezingCold Broadboard - 'search.asp' SQL Injection

source: https://www.securityfocus.com/bid/11250/info Reportedly BroadBoard Message Board is affected by multiple SQL injection vulnerabilities. These issues are due to a failure of the application to properly sanitize user supplied URI input prior to using it in an SQL query. An attacker may...

AI score: 7.4 | Exploits: 0

Exploit DB • added 2004/07/29 12:00 a.m. • 44 views

Jaws 0.2/0.3/0.4 - 'ControlPanel.php' SQL Injection

source: https://www.securityfocus.com/bid/10826/info JAWS is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the controlpanel.php script due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL query...

AI score: 7.4 | Exploits: 0

exploitpack • added 2004/01/12 12:00 a.m. • 9 views

PHPGedView 2.52.6 - Timeline.php SQL Injection

source: https://www.securityfocus.com/bid/11925/info It is reported that PhpGedView is susceptible to a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to including ...

AI score: 0.6 | Exploits: 0

Exploit DB • added 2003/11/08 12:00 a.m. • 30 views

phpBB 2.0.x - 'profile.php' SQL Injection

source: https://www.securityfocus.com/bid/8994/info A SQL injection vulnerability has been reported for phpBB systems. phpBB, in some cases, does not sufficiently sanitize user-supplied input, which is used when constructing SQL queries to execute on the underlying database. As a result, it is...

AI score: 7.4 | Exploits: 0

Packet Storm • added 2003/05/28 12:00 a.m. • 32 views

pnews.txt

Admin Access Vulnerability in P-News 1.6 Url: http://www.ppopn.net It is possible to gain admin access if you possess a 'Member' account due to a flaw in the 'p-news.php' file. You can inject an entire arbitrary account, including all the fields, into the 'Name' field, which will push all the...

AI score: 7.4 | Exploits: 0

Exploit DB • added 2003/03/25 12:00 a.m. • 26 views

PHP-Nuke 6.0/6.5 Forum Module - 'viewtopic.php' SQL Injection

source: https://www.securityfocus.com/bid/7193/info It has been reported that an input validation error exists in the 'viewtopic.php' script included with PHPNuke as part of the Forum module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker ...

AI score: 7.4 | Exploits: 0

Exploit DB • added 2003/03/23 12:00 a.m. • 29 views

PHP-Nuke 5.6/6.x News Module - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/7173/info It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to...

AI score: 7 | Exploits: 0

exploitpack • added 2003/03/23 12:00 a.m. • 15 views

PHP-Nuke 5.66.x News Module - index.php SQL Injection

source: https://www.securityfocus.com/bid/7173/info It has been reported that an input validation error exists in the index.php file included with PHPNuke as part of the News module. Because of this, an attacker could send a malicious string...

AI score: 0.2 | Exploits: 0

exploitpack • added 2003/03/22 12:00 a.m. • 11 views

PHP-Nuke 5.66.x - banners.php Banner Manager Password Disclosure

source: https://www.securityfocus.com/bid/7170/info It has been reported that an input validation error exists in the banners.php file included with PHPNuke. Because of this, an attacker could send a malicious string through PHPNuke...

AI score: 7.4 | Exploits: 0

Exploit DB • added 2003/03/22 12:00 a.m. • 22 views

PHP-Nuke 5.6/6.x - 'banners.php' Banner Manager Password Disclosure

source: https://www.securityfocus.com/bid/7170/info It has been reported that an input validation error exists in the banners.php file included with PHPNuke. Because of this, an attacker could send a malicious string through PHPNuke that would allow the attacker to manipulate the database, and...

AI score: 7.4 | Exploits: 0

securityvulns • added 2002/08/15 12:00 a.m. • 30 views

Multiple Vulnerabilities in CafeLog Weblog Package

Security Advisory: Multiple Vulnerabilities in CafeLog Weblog Package Additional Details: http://www.murphy.101main.net/vulns/2002-26.txt Issue: Multiple vulnerabilities -- the most serious could allow malicious users to execute commands against a web server running the vulnerable package. Risk:...

AI score: 1.3 | Exploits: 0

securityvulns • added 2002/04/12 12:00 a.m. • 34 views

IBM Informix Web DataBlade: SQL injection

IBM Informix Web DataBlade: SQL injection By Simon Lodal, Denmark Vendor status: Notified months ago, said they would be working on updates, never heard anything. Software: Web DataBlade 4.12, IDS 9.20/9.21, Linux 2.2/2.4, SunOS 5.7 OS, IDS and WDB versions seem to be irrelevant. Impact: SQL code...

AI score: 7.8 | Exploits: 0

securityvulns • added 2001/12/25 12:00 a.m. • 29 views

GOBBLES CGI MARATHON #001

PRODUCT AdRotate Pro http://www.vanbrunt.com/adrotate/ This is used by a lot of sites out there in the wild. DESCRIPTION AdRotate is ad rotating software written in Perl language, which uses DBI with mysql driver to access database. Included with software is module adrotate.pm which contains...

AI score: 1 | Exploits: 0

securityvulns • added 2000/09/05 12:00 a.m. • 44 views

UNIX locale format string vulnerability

CORE SDI http://www.core-sdi.com UNIX locale format string vulnerability Date Published: September 4th, 2000 early release Advisory ID: CORE-090400 Bugtraq ID: 1634 CVE CAN: None currently assigned. Title: UNIX locale format string vulnerability Class: Input Validation Error Remotely Exploitable:...

AI score: 0.1 | Exploits: 0