422 matches found
CVE-2009-4624
CVE-2009-4624 affects Nicecoder iDesk via a SQL injection in download.php that is exploitable through the cat_id parameter. The vulnerability is in the application layer where user-supplied cat_id can cause arbitrary SQL execution, with impact described as arbitrary SQL commands being run by an a...
phpbb 1.2.4RC3 download.php Remote File Inclusion Vulnerability
No description provided by source...
iDesk (download.php cat_id) SQL Injection Vulnerability
No description provided by source. SQL Injection Vulnerability download.php catid iDesk AuTh0r : Manas58 H0ME : www.1923turk.biz Exploit download.php?catid=3+UNION+SELECT+0,0,0,0,concatws0x3a,username,password,lastlogin,0,0,0,0+from+ideskuser-- http://www.site.com/download.php?catid=sql DEMO...
iDesk download.php cat_id SQL Injection Vulnerability
iDesk download.php catid SQL Injection Vulnerability. CVE-2009-4624. Webapps exploit for php platform SQL Injection Vulnerability download.php catid iDesk AuTh0r : Manas58 H0ME : www.1923turk.biz Exploit...
iDesk (download.php cat_id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. iDesk download.php catid SQL Injection Vulnerability. SQL Injection Vulnerability download.php catid iDesk Exploit...
ISPworker Download.PHP Multiple Directory Traversal Vulnerabilities
ISPworker is prone to multiple directory-traversal vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to obtain sensitive information that could aid in further attacks. These issues affect ISPworker 1.21 and 1.23; other...
ISPworker <= 1.23 Remote File Disclosure exploit
No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg ISPworker = 1.23 Remote File Disclosure exploit Download Script : http://www.ispware.de/files/ispworker-1.23.tar.gz Dork : die"lamers attempt"; :P Vuln : ./ispworker-1.23/files/ispworker/module/ticket/download.php...
phpCMS 2008 - 'download.php' Information Disclosure
source: https://www.securityfocus.com/bid/42514/info PHPCMS2008 is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download local files in the context of the webserver process. This may allow the...
iDesk SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability download.php catid iDesk http://www.nicecoder.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :- www.TraGeT.CoM/download.php?catid=-1+UNION+SELECT+0,0,0,@@VERSION,0,0,0,0,0-- -:: !Gr3E3E3E3E3E3E3TzZ! ::- ::...
iDesk (download.php cat_id) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. iDesk download.php catid Remote SQL Injection Vulnerability. Remote SQL Injection Vulnerability download.php catid...
iDesk - 'download.php?cat_id' SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability download.php catid iDesk http://www.nicecoder.com AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :- www.TraGeT.CoM/download.php?catid=-1+UNION+SELECT+0,0,0,@@VERSION,0,0,0,0,0-- -:: !Gr3E3E3E3E3E3E3TzZ! ::- ::...
CVE-2009-3040
Multiple SQL injection vulnerabilities in Open Computer and Software OCS Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to groupshow.php...
UBUNTU-CVE-2009-3040
Multiple SQL injection vulnerabilities in Open Computer and Software OCS Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to groupshow.php...
Sql injection
Multiple SQL injection vulnerabilities in Open Computer and Software OCS Inventory NG 1.02 for Unix allow remote attackers to execute arbitrary SQL commands via the (1) N, (2) DL, (3) O and (4) V parameters to download.php and the (5) SYSTEMID parameter to groupshow.php...
CVE-2008-6960
download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php...
QuickDev 4 - download.php File Disclosure
QuickDev 4 - download.php File Disclosure + QuickDev 4 Php download.php file Arbitrary File Download + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/quickdev4php/files/ + Arbitrary File Download - Vulnerable code in download.php...
QuickDev 4 - 'download.php' File Disclosure
QuickDev 4 Php download.php file Arbitrary File Download + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Download : http://sourceforge.net/projects/quickdev4php/files/ + Arbitrary File Download - Vulnerable code in download.php...
Vopak Local File Inclusion
TeamQuarantine 7-15-2009 [email protected] Author: St00pidMnky...
Admin News Tools 2.5 (fichier) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications. Admin News Tools 2.5 fichier Remote File Disclosure Vulnerability...
Php AdminPanel Free version 1.0.5 Remote File Disclosure Vuln
No description provided by source. Php AdminPanel Free version 1.0.5 Remote File Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...