432 matches found
BPLawyerCaseDocuments - SQL Injection
BPLawyerCaseDocuments - SQL Injection x========================================================================================================================================x | AntiSecuritydotorg |...
BPHolidayLettings SQL Injection
x========================================================================================================================================x | AntiSecuritydotorg |...
BPHolidayLettings 1.0 - Blind SQL Injection
BPHolidayLettings 1.0 - Blind SQL Injection x========================================================================================================================================x | AntiSecuritydotorg |...
BPHolidayLettings 1.0 - Blind SQL Injection
x========================================================================================================================================x | AntiSecuritydotorg |...
BPLawyerCaseDocuments - SQL Injection
x========================================================================================================================================x | AntiSecuritydotorg |...
BPHolidayLettings 1.0 Blind SQL Injection
Exploit for unknown platform in category web applications ========================================= BPHolidayLettings 1.0 Blind SQL Injection =========================================...
BPLawyerCaseDocuments SQL Injection
No description provided by source. x========================================================================================================================================x | AntiSecuritydotorg |...
BPLawyerCaseDocuments SQL Injection
Exploit for unknown platform in category web applications =================================== BPLawyerCaseDocuments SQL Injection ====================================...
BPLawyerCaseDocument 1.0 SQL Injection
x========================================================================================================================================x | AntiSecuritydotorg |...
The tips provided right lianliankan-vulnerability warning-the black bar safety net
author:4lert Now on the network on the mention of the right methods varied, in fact, simply summarized, is the overflow, the third-party software bugs, social engineering, mention right. And today we want to discuss is the mention of the right to process some of the skills, master these skills ca...
Hack SA under the purview of the idea of adaptation-vulnerability warning-the black bar safety net
Last time already got this station of the SHELL, but the back door has long been K, today inadvertently and got the injection. D detection soon came out gratifying information, the SA permissions, go to the NB inside can list the directory but not the execution, telnet each other 1 4 3 3 can not ...
Modify the packet to get WebShell-vulnerability warning-the black bar safety net
Recorded about this time is how to capture-on change pack-of uploaded-of to get to the WEBSHELL. After careful analysis, this website from either the main station or sub-Station does not exist any injection vulnerability is, of course, this site needless to say use MSSQL Data, and also cannot fin...
Use a low-privileged Oracle database accounts give the OS access permissions-bug warning-the black bar safety net
Author:Mickey These days look at the article called"Penetration: from application down to OS Oracle"of the document,feel quite interesting,the document probably means that is,if the ORACLE service is using the administrator account to start,as long as you have a have resource and connect privileg...
Crack the MSSQL SA password-vulnerability warning-the black bar safety net
The code demonstrates the violence to crack the MSSQL account and password, including the administrator account sa password. Saw today online there is such an article“a SQL Server Sa password stored procedure”: a, the method is violence to crack the MSSQL account and password, including the...
Hack how to Access to access MSSQL Data-vulnerability warning-the black bar safety net
First of all note that, this method have long had, but with time probably in my head quiet for too long, it has been in the oblivion state. Thanks for the Trace information. Often encounter arbitrary File Download vulnerability, the General processing method is to put the database connection file...
SASPCMS 0.9 XSS / SQL Injection / Disclosure
www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP Content Management System . SASPCMS witc...
saspcms 0.9 - Multiple Vulnerabilities
saspcms 0.9 - Multiple Vulnerabilities www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP...
saspcms 0.9 - Multiple Vulnerabilities
www.BugReport.ir AmnPardaz Security Research Team Title: SASPCMS Multiple Vulnerabilities Vendor: http://www.lgasoft.com Vulnerable Version: 0.9 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: SASPCMS is an ASP Content Management System . SASPCMS witc...
Yxbbs3.0 20090225版 Usersetup.asp SQL注入
在Usersetup.asp中,有一个数字类型的变量,被当成文本检验过滤了,从而造成了一个SQL注入漏洞。 问题出在 Sex=yxbbs.Fun.GetStr"Sex" ,在YxCls.asp里定义了GetStr这个方法,里面其实对于通常注入来说,有效的只是过滤了单引号。而在下面没有再对Sex进行任何检验,就参与SQL语句执行了: YxBBs.execute"update YXUser set...
Microsoft SQL Server Command Execution
This module will execute a Windows command on a MSSQL/MSDE instance via the xpcmdshell default or the spoacreate procedure more opsec safe, no output, no temporary data table. A valid username and password is required to use this module. This module requires Metasploit:...