ita-forum 5.1.32 - SQL Injection

ita-forum 5.1.32 - SQL Injection / + Homepage : www.1923turk.biz / EXPLOIT : http://server/index.php?cat=-89+union+select+1,2,3,concatusername,0x3a,userpass,5,6,7,8,9,0,1,2,3,4,5+from+itafuser-- ----------------------------------------------- Manas58 Delibey Tiamo...

CVE-2009-4104

SQL injection vulnerability in Lyften Designs LyftenBloggie comlyftenbloggie component 1.0.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the author parameter to index.php...

Sql injection

SQL injection vulnerability in the JoomClip comjoomclip component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a thumbs action to index.php...

Sql injection

SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...

Sql injection

SQL injection vulnerability in index.php in PHP Dir Submit aka WebsiteSubmitter or Submitter Script allows remote authenticated users to execute arbitrary SQL commands via the aid parameter in a showarticle action...

CVE-2009-3973

The CVE relates to a SQL injection in index.php of Turnkey Arcade Script. The vulnerability is triggered via the id parameter in actions (play or browse) and allows remote attackers to execute arbitrary SQL commands, reflecting a classic server-side injectable vector. The connected data confirms ...

CVE-2009-3973

SQL injection vulnerability in index.php in Turnkey Arcade Script allows remote attackers to execute arbitrary SQL commands via the id parameter in a browse action, a different vector than CVE-2008-5629...

CVE-2009-3970

The CVE-2009-3970 entry describes a SQL injection in index.php of PHP Dir Submit (also WebsiteSubmitter/Submitter Script). The vulnerability is triggered by the aid parameter in a showarticle action, allowing remote authenticated users to execute arbitrary SQL commands. Affected software is PHP D...

CVE-2009-3975

The CVE-2009-3975 entry concerns Moa Gallery (versions 1.1.0 and 1.2.0). The vulnerability is a SQL injection in index.php, exploitable via the gallery_view action’s gallery_id parameter, allowing remote attackers to execute arbitrary SQL commands. Severity in NVD is Medium (CVSS v2: AV:N/AC:M/Au...

Bitrix Site Manager Remote File Inclusion

Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bugs, but i just write this exploit under perl module...

Shoutbox 1.0 HTML / Xss Injection

Exploit for unknown platform in category web applications ================================= Shoutbox 1.0 HTML / Xss Injection ================================= Vulnerable Code in index.php : : Shoutbox 1.0 HTML / Xss inejction exploit AuTh0r : SKuLL-HacKeR Vendor: http://www.plohni.com exploit:...

Shoutbox 1.0 - HTML Cross-Site Scripting Injection

Shoutbox 1.0 - HTML Cross-Site Scripting Injection Vulnerable Code in index.php : : Shoutbox 1.0 HTML / Xss inejction exploit AuTh0r : SKuLL-HacKeR H0ME : Sec-Best & SaudiHack & S3curity-Art Email : [email protected] Vendor: http://www.plohni.com exploit: site.com/Shoutbox/index.php in the select you...

Shoutbox 1.0 - HTML / Cross-Site Scripting Injection

Vulnerable Code in index.php : : Shoutbox 1.0 HTML / Xss inejction exploit AuTh0r : SKuLL-HacKeR H0ME : Sec-Best & SaudiHack & S3curity-Art Email : [email protected] Vendor: http://www.plohni.com exploit: site.com/Shoutbox/index.php in the select your name and your text put this code '"alert'XSS skh'...

kalimat new system 1.0 - index.php SQL Injection

kalimat new system 1.0 - index.php SQL Injection ===================================== | kalimat v 1.0 admin by pass index.php ===================================== Author: ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"Kalimat news system v 1.0" demo:...

kalimat new system v 1.0 (index.php) SQL Injection

No description provided by source. ===================================== | kalimat v 1.0 admin by pass index.php ===================================== Author: ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"Kalimat news system v 1.0" demo:...

kalimat new system 1.0 - 'index.php' SQL Injection

===================================== | kalimat v 1.0 admin by pass index.php ===================================== Author: ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"Kalimat news system v 1.0" demo:...

Bitrix Site Manager Multiple Remote File Include Vulnerability

No description provided by source. + Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bugs, but i just...

Oscailt CMS 3.3 Local File Inclusion

Exploit for unknown platform in category web applications ==================================== Oscailt CMS 3.3 Local File Inclusion ==================================== 0 Oscailt 3.3 CMS 0 Download: http://sourceforge.net/projects/oscailt/ 0 Bug: Local File Inclusion in index.php file ! 0 Poc:...

Oscailt CMS 3.3 Local File Inclusion

No description provided by source. 0 Oscailt 3.3 CMS 0 Download: http://sourceforge.net/projects/oscailt/ 0 Bug: Local File Inclusion in index.php file ! 0 Author: [email protected] 0 Team: Fatal Error 0 Poc: http://www.site.com/index.php?objid=/../../../../../../../../../../proc/self/environ%00 0...

Sql injection

SQL injection vulnerability in index.php in OpenDocMan 1.2.5 allows remote attackers to execute arbitrary SQL commands via the frmpass aka Password parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...