432 matches found
Moodle < 1.9.6 / 1.8.10 Multiple Vulnerabilities
The version of Moodle installed on the remote host is prior to 1.9.6 / 1.8.10. It is, therefore, affected by multiple vulnerabilities : - Email addresses are not escaped properly in email change confirmation codes. MDL-20295 - When upgrading from a version older than 1.9.0, certain tags are not...
Wind news site management system API_Response. asp page there is unauthorized vulnerability-vulnerability warning-the black bar safety net
FoosunCMS is a powerful feature of based on ASP+ACCESS/MSSQL architecture of content management software. In the file\API\ APIResponse. asp: If Request. QueryString"" Then //paragraph 1 Line 6 SaveUserCookie Else Set XmlDoc = Server. CreateObject"msxml2. FreeThreadedDOMDocument" & amp; MsxmlVersi...
DMXReady Online Notebook Manager SQL Injection
Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Online Notebook Manager SQLi Vulnerability Version:1.0 Price:$149.97 Vendor url:http://dmxready.com/?product=online-notebook-manager Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue®, S1ayer,d3c0d3r and to al...
Online Notebook Manager - SQL Injection
Online Notebook Manager - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: Online Notebook Manager SQLi Vulnerability Version:1.0 Price:$149.97 Vendor url:http://dmxready.com/?product=online-notebook-manager Published: 2010-06-09 Greetz to:Sid3^effects, MaYur, M4n0...
Online Notebook Manager SQL Injection Vulnerability
Exploit for php platform in category web applications =================================================== Online Notebook Manager SQL Injection Vulnerability =================================================== Author: L0rd CrusAd3r aka VSN email protected Exploit Title: Online Notebook Manager SQ...
MSSQL Database Client Detection
Binary data 5552.prm...
AutoDealer 1.02.0 - MSSQL Injection
AutoDealer 1.02.0 - MSSQL Injection vendor :http://www.aspsiteware.com/Auto.asp Date: 30 apr,2010 Dork:Copyright © 2010 ASP SiteWare. All rights reserved. -------------------------------------------------------------------------------------- Sid3^effects aKa HaRi Greetz to all Andhra Hackers and...
AutoDealer 1.0/2.0 - MSSQL Injection
vendor :http://www.aspsiteware.com/Auto.asp Date: 30 apr,2010 Dork:Copyright © 2010 ASP SiteWare. All rights reserved. -------------------------------------------------------------------------------------- Sid3^effects aKa HaRi Greetz to all Andhra Hackers and ICW MemebersIndian Cyber Warriors...
Thousand Bo enterprise website management system Oday-vulnerability warning-the black bar safety net
Program have joined the anti-injection code, in NoSql. asp file 7kccopyd-code % If EnableStopInjection = True Then Dim FyPost, FyGet, FyIn, FyInf, FyXh, Fydb, Fydbstr FyIn = "’|;|and|exec|insert|select|delete|update|count||%|chr|mid|master|truncate|char|declare" FyInf = SplitFyIn, "|" If Request...
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection Advisory Name: SQL injection in Manage Engine Service Desk Plus 7.6 Vulnerability Class: SQL injection Release Date: 03-18-2010 Affected Applications: Confirmed in version 7.6. Other versions may also be affected. Affected Platforms: Multiple...
Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability
Exploit for jsp platform in category web applications ==================================================================== Manage Engine Service Desk Plus 7.6 woID SQL Injection Vulnerability ==================================================================== Advisory Name: SQL injection in Mana...
ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection
Advisory Name: SQL injection in Manage Engine Service Desk Plus 7.6 Vulnerability Class: SQL injection Release Date: 03-18-2010 Affected Applications: Confirmed in version 7.6. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity: High – CVSS: 9...
mssql hash password cracking method-vulnerability warning-the black bar safety net
mssql hash stored in the table master. dbo. sysxlogins, with select name,password from master. dbo. sysxlogins can extract the user hash. 0x01004E04BE46023057E323AF27269E5b7ddca140c98d225bdd3d06e8efe8cfaec02985b27b38059fa3b18349612b Decomposition: Constant part: 0×0 1 0 0 Salt part: 4E04BE46 Mixi...
MS09-004 Microsoft SQL Server sp_replwritetovarbin Memory Corruption
A heap-based buffer overflow can occur when calling the undocumented "spreplwritetovarbin" extended stored procedure. This vulnerability affects all versions of Microsoft SQL Server 2000 and 2005, Windows Internal Database, and Microsoft Desktop Engine MSDE without the updates supplied in MS09-00...
CreateLive CMS 3.1 injection vulnerability-vulnerability warning-the black bar safety net
Inadvertently see the Black hands 1 2 The month of the books, saw the CreateLive CMS 4.2 injection vulnerability, the author is Chaoyang it. Just have a CreateLive CMS system, but version is 3. 1, I think it should be also the presence of this hole! The website is open for registration. Start now...
Microsoft SQL Server Hello Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Microsoft SQ...
TDS Protocol Login Request Username Fuzzer
This module sends a series of malformed TDS login requests. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TDS Protocol Login Request Username Fuzzer', 'Description' = %q This module sends a...
TDS Protocol Login Request Corruption Fuzzer
This module sends a series of malformed TDS login requests. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TDS Protocol Login Request Corruption Fuzzer', 'Description' = %q This module sends a...
PsTools in the penetration of little application-vulnerability warning-the black bar safety net
Author:zero soulzerosoul Blog: Recent bad luck, take down a network, Server area all not even outside, no rally socks out, cause penetration of the network within other segments of the time very hard. One of the MSSQL and Web are separated, the server although the take down, but sometimes up to...
BPHolidayLettings 1.0 Blind SQL Injection
No description provided by source. x========================================================================================================================================x | AntiSecuritydotorg |...