CVE-2010-4808

The provided documents confirm a SQL injection vulnerability in Webmatic’s index.php exploitable via the p parameter, enabling remote execution of arbitrary SQL commands. Affected software/component: Webmatic (index.php). Root cause: improper handling of the p parameter leading to SQL injection. ...

CVE-2010-4809

CVE-2010-4809 concerns a SQL injection in DBSite 1.0, specifically in index.php where the ID parameter can be manipulated to execute arbitrary SQL commands. The vulnerability is evidenced across multiple sources (NVD, CVE lists) and indicates remote exploitation potential with no authentication r...

HUGE-inc Portal SQL Injection

+Title : HUGE Sql Injection vulnerability +Vender : http://www.hugeinc.com +Auther : Bl4ck.Viper Turkish Hacker +Email : [email protected] +Date : 05/07/2011 +Home : www.skote-vahshat.com +MyArchive : www.xpl.skote-vahshat.com Err0r 0n : index.php Exploit : http://target.com/index.php?ID=SQL...

Emanage1.5.2 (index.php) sql Injection Vulnerability

Exploit for php platform in category web applications Exploit Title:Emanage1.5.2index.phpsql Injection Vulnerability Date: 7/7/2011 Author: Angel Injection home Page: http://www.club-h.co.cc , http://dev-point.com , http://alqobor.com Email: Angel-Injectionathotmail.com Google Dork:...

Alphabit Online SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Open-Realty 3.1.5 Cross Site Scripting / SQL Injection

Vulnerability ID: HTB23023 Reference: http://www.htbridge.ch/advisory/multiplevulnerabilitiesinopenrealty.html Product: Open-Realty Vendor: Transparent Technologies, Inc. http://www.open-realty.org/ Vulnerable Version: 3.1.5 and probably prior Tested on: 3.1.5 Vendor Notification: 07 June 2011...

Lombego Systems CMS SQL Injection

Title : Lombego Systems CMS Blind SQLI Author: Codeine Vendor: Lombego Systems http://www.lombego.de/ Email : f3codeineatyahoodotcom Date : 06/25/2011 Dork : intext:"Powered by Lombego Systems" inurl:index.php?pageid= Cat : PHP SQli Injecton Point: http://www.site.com/frontend/index.php?pageid='...

Joomla Component 'com_jresearch' Local File Inclusion Vulnerability

This host is running Joomla and is prone to local file inclusion vulnerability. OpenVAS Vulnerability Test $Id: secpodjoomlacomjresearchlfivuln.nasl 7577 2017-10-26 10:41:56Z cfischer $ Joomla Component 'comjresearch' Local File Inclusion Vulnerability Authors: Madhuri D Copyright: Copyright c 20...

If-CMS 2.07 Local File Inclusion

$Id: if-cms.rb 2011-03-15 20:28:10 tecr0c $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ -- coding:...

German AD-Free Blog SQL Injection

+Title : German AD-Free Blog Sql Injection +Vender : http://www.adfreeblog.org/ +Auther : Bl4ck.Viper Turkish Hacker +Email : [email protected] +Date : 15/06/2011 +Home : www.skote-vahshat.com Err0r 0n : index.php Exploit : http://target.eu/index.php?cat=SQL Demo :...

cubecart 2.0.7 - Multiple Vulnerabilities

cubecart 2.0.7 - Multiple Vulnerabilities Exploit Title: CubeCart 2.0.7 XSS && Remote SQL Injection = Multiple Vulnerabilities Date: June, 14th 2011 GMT +7 Author: Shamus Software Link: http://www.cubecart.com/ Version : CubeCart 2.0.7 Tested on: windows 7, ubuntu 11.04 CVE : -...

Pacer Edition CMS 2.1 Remote XSS POST Injection Vulnerability

Summary The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer Edition CMS was based from Website baker core and has been completely redesigned with a whole new look and feel along with many new advanced features to allow you to build sit...

Radiant Infotech Nepal 2.x.x Multiple Vulnerability

Exploit for php platform in category web applications +Title :.......Radiant Infotech Nepal 2.x.x Multiple Vulnerability +Author :......Net.Edit0r +Tested on :...Linux/PHP --------------------------------------------------------------------------- Founded by Net.Edit0r Team: Black Hat Group BHG...

Rocketmedia Blind SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Joomla! Component com_jmsfileseller - Local File Inclusion

Joomla! Component comjmsfileseller - Local File Inclusion Exploit Title: Joomla Component comjmsfileseller Local File Inclusion Vulnerability Date: 28.05.2011 Author: Valentin Category: webapps/0day Version: 1.0 Tested on: CVE : Code : :::::::::::::::::::::::::::::::::::::: 0x1...

Joomla Component com_aist SQL Injection Vulnerability

This host is running Joomla! and is prone to SQL injection vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlacomaistsqlinjvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla Component 'comaist' SQL Injection Vulnerability Authors: Madhuri D Copyright: Copyright c 2011 Greenbone Networks GmbH...

Media In Spot CMS Local File Inclusion Vulnerability

Exploit for php platform in category web applications Name : Media In Spot LFI Vulnerability Date : May,16 2011 Vendor Url :http:http://www.mediainspot.com/ Dork:" "Powred By Media In Spot"" Author : wlhaan haker Exploit:...

CVE-2010-4794

Multiple cross-site scripting XSS vulnerabilities in the JoomlaSeller JS Calendar comjscalendar component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameters in a jscalendar action to index.php. NOTE: some of these detail...

CVE-2010-4794

Multiple cross-site scripting XSS vulnerabilities in the JoomlaSeller JS Calendar comjscalendar component 1.5.1 and 1.5.4 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the 1 month and 2 year parameters in a jscalendar action to index.php. NOTE: some of these detail...

Syctel Design Local File Inclusion

=========================================================================== Syctel Design Local File Inclusion Vulnerability =========================================================================== Name: Syctel Design Local File Inclusion Vulnerability Vendor: www.Syctel.Com Date: 2011-04-21...