pSys 0.7.0 Alpha - chatbox.php SQL Injection

pSys 0.7.0 Alpha - chatbox.php SQL Injection '/ -.- ---------------------oOO------OOo-------------------- | pSys v0.7.0 Alpha chatbox.php Remote SQL Injection | | works only with magic quotes = off | | coded by DNX | -------------------------------------------------------- ! Discovered.: DNX !...

pSys v0.7.0 Alpha (chatbox.php) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== pSys v0.7.0 Alpha chatbox.php Remote SQL Injection Vulnerability ================================================================== '/ -.-...

myphpcms-sql.txt

=============================================================== MyPHP CMS page.php pid Remote SQL Injection Vulnerability =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

MyPHP CMS 0.3.1 - pid SQL Injection

MyPHP CMS 0.3.1 - pid SQL Injection =============================================================== MyPHP CMS page.php pid Remote SQL Injection Vulnerability =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH...

MyPHP CMS 0.3.1 - 'pid' SQL Injection

=============================================================== MyPHP CMS page.php pid Remote SQL Injection Vulnerability =============================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

CVE-2008-2813

Directory traversal vulnerability in index.php in WallCity-Server Shoutcast Admin Panel 2.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the page parameter...

MyBlog: PHP and MySQL BlogCMS software - SQL Injection Cross-Site Scripting

MyBlog: PHP and MySQL BlogCMS software - SQL Injection Cross-Site Scripting ===================================================================================== MyBlog: PHP and MySQL Blog/CMS software SQL/XSS Multiple Remote Vulnerabilities...

MyBlog: PHP and MySQL Blog/CMS software - SQL Injection / Cross-Site Scripting

===================================================================================== MyBlog: PHP and MySQL Blog/CMS software SQL/XSS Multiple Remote Vulnerabilities ===================================================================================== ,--^----------,--------,-----,-------^--, |...

cauposhop-sql.txt

!/usr/bin/perl CaupoShop Classic 1.3 Remote Exploit Bug by: h0yt3r Dork: inurl:cscarticledetails.php Couldnt find a stable dork for this specific Version. Exploit will only work on correct version. I found this long time ago but never actually shared it. As the userid's are a bit messy you will...

CaupoShop Classic 1.3 - 'saArticle[ID]' SQL Injection

!/usr/bin/perl CaupoShop Classic 1.3 Remote Exploit Bug by: h0yt3r Dork: inurl:cscarticledetails.php Couldnt find a stable dork for this specific Version. Exploit will only work on correct version. I found this long time ago but never actually shared it. As the userid's are a bit messy you will...

CVE-2008-2754

SQL injection vulnerability in toplists.php in eFiction 3.0 and 3.4.3, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the list parameter...

CVE-2008-2772

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

CVE-2008-2770

SQL injection vulnerability in index.php in MycroCMS 0.5, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the entryid parameter...

Design/Logic Flaw

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

CVE-2008-2772

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

CVE-2008-2772

The Magic Tabs module 5.x before 5.x-1.1 for Drupal allows remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly related to a missing "whitelist of callbacks."...

CVE-2008-2772

CVE-2008-2772 describes a vulnerability in the Magic Tabs module for Drupal, where versions 5.x prior to 5.x-1.1 allow remote attackers to execute arbitrary PHP code via unspecified URL arguments, possibly due to a missing whitelist of callbacks. The affected software is the Magic Tabs module ver...

WebChamado 1.1 Arbitrary Add Admin Exploit

No description provided by source. !/usr/bin/perl ============================================ WebChamado 1.1 Arbitrary Add Admin Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

WebChamado 1.1 Arbitrary Add Admin Exploit

Exploit for unknown platform in category web applications ========================================== WebChamado 1.1 Arbitrary Add Admin Exploit ========================================== !/usr/bin/perl ============================================ WebChamado 1.1 Arbitrary Add Admin Exploit...

GLLCTS2 - 'sort' Blind SQL Injection

!/usr/bin/perl gllcTS2 listing.php $sort Remote Blind SQL Injection Exploit Bug by: h0yt3r This one shows another vulnerability in the gllcTS2. Thera are many with simple injections Same Versions are affected. Also shows the conecpt of how to inject an ORDER BY statement via Blind Injection and...