3744 matches found
CVE-2008-2678
Multiple SQL injection vulnerabilities in Telephone Directory 2008, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 code parameter in a confirmdata action to edit1.php and the 2 id parameter to viewmore.php...
jammcms-sql.txt
!/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by JAMM" http://www.site.de/cms/?id=blah Ok when we give $id an unexpected value like this we get an SQL Error. Unfortunately the script is so rude that it doesn't want to show us any data when we UNION...
Clever Copy 3.0 (results.php) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================== Clever Copy 3.0 results.php Remote SQL Injection Exploit ========================================================== !/usr/bin/perl Clever Copy results.php Remote SQL Injection...
Clever Copy 3.0 - 'results.php' SQL Injection
!/usr/bin/perl Clever Copy results.php Remote SQL Injection Exploit Bug by: h0yt3r Dork: "powered by Clever Copy" This simple Exploit will give you Admin Username and md5Password Pls don't use this to crack sites :P Gr33tz go to: thund3r, ramon, b!zZ!t, Free-Hack, Sys-Flaw and of course the...
SA-2008-032 - Magic Tabs - Arbitrary code execution
Magic Tabs provides an implementation of tabs filled via AJAX requests. Malicious users are able to run arbitrary PHP code via URL arguments to Magic Tabs as it does not provide a whitelist of callbacks. Versions affected Magic Tabs for Drupal 5.x prior to Magic Tabs 5.x-1.1 Drupal core is not...
smeweb-sqlxss.txt
======================================================= SMEweb 1.4b SQL/XSS Multiple Remote Vulnerabilities ======================================================= ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...
revokebbrc11-sql.txt
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...
AJ Classifieds 2008 (index.php) Remote SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ AJ Classifieds 2008 index.php Remote SQL Injection Vulnerability +==-- --==+================================================================================+==--...
ajclassifieds-sql.txt
--==+================================================================================+==-- --==+ AJ Classifieds 2008 index.php Remote SQL Injection Vulnerability +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On:...
Sql injection
SQL injection vulnerability in searchresult.php in Softbiz Web Host Directory Script, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the hostid parameter, a different vector than CVE-2005-3817...
[ECHO_ADV_91$2008] Online Rental Property Script <= 4.5 (pid) Blind Sql Injection Vulnerability
ECHOADV91$2008 ----------------------------------------------------------------------------------------- ECHOADV91$2008 Online Rental Property Script = 4.5 pid Blind Sql Injection Vulnerability ----------------------------------------------------------------------------------------- Author :...
BackLinkSpider 1.1 - cat_id SQL Injection
BackLinkSpider 1.1 - catid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV95$2008 ----------------------------------------------------------------------------------------- ECHOADV95$2008 BackLinkSpider catid Blind Sql Injection Vulnerability...
PostNuke Module pnEncyclopedia <= 0.2.0 SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV90$2008 ----------------------------------------------------------------------------------------- ECHOADV90$2008 PostNuke Module pnEncyclopedia = 0.2.0 id Blind Sql Injection...
adv88-K-159-2008.txt
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV88$2008 ----------------------------------------------------------------------------------------- ECHOADV88$2008 Prozilla Hosting Index directory.php catid Blind Sql Injection Vulnerability...
Softbiz Web Host Directory Script (host_id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications ======================================================================= Softbiz Web Host Directory Script hostid SQL Injection Vulnerability ======================================================================= \ /\ \ / | \ \ | / \ // /...
Softbiz Web Host Directory Script - host_id SQL Injection
Softbiz Web Host Directory Script - hostid SQL Injection \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV89$2008 ----------------------------------------------------------------------------------------- ECHOADV89$2008 Softbiz Web Host Directory Script...
Prozilla Hosting Index - 'cat_id' SQL Injection
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV88$2008 ----------------------------------------------------------------------------------------- ECHOADV88$2008 Prozilla Hosting Index directory.php catid Blind Sql Injection Vulnerability...
PHP-Fusion submit.php文件SQL注入漏洞
BUGTRAQ ID: 28855 PHP-Fusion是一款基于PHP的内容管理系统。 PHP-Fusion的submit.php文件没有正确地过滤对submitinfo参数的输入便在SQL查询中使用,远程攻击者可能利用此漏洞执行SQL注入攻击。 相关代码: 1. if $stype == "l" 2. 3. if isset$POST'submitlink' 4. 5. if $POST'linkname' != "" && $POST'linkurl' != "" && $POST'linkdescription' != "" 6. $submitinfo'linkcategory...
CVE-2008-1911
SQL injection vulnerability in includes/system.php in 1024 CMS 1.4.2 beta and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via a cookpass cookie...
PHP-Fusion 6.01.14 - Blind SQL Injection
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This was a priv8 Exploit...