176 matches found
Sql injection
Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password parameters...
CVE-2010-4522
Multiple cross-site scripting XSS vulnerabilities in MyBB aka MyBulletinBoard 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 editpost.php, 2 member.php, and 3 newreply.php...
CVE-2010-4628
member.php in MyBB aka MyBulletinBoard before 1.4.12 makes a certain superfluous call to the SQL COUNT function, which allows remote attackers to cause a denial of service resource consumption by making requests to member.php that trigger scans of the entire users table...
CVE-2010-4628
member.php in MyBB aka MyBulletinBoard before 1.4.12 makes a certain superfluous call to the SQL COUNT function, which allows remote attackers to cause a denial of service resource consumption by making requests to member.php that trigger scans of the entire users table...
CVE-2010-4522
MyBB versions 1.4.14 and 1.6.x before 1.6.1 contain multiple XSS vulnerabilities that allow remote attackers to inject arbitrary script/HTML via editpost.php, member.php, and newreply.php. Root cause is improper input handling in those endpoints leading to stored/reflected input being executed in...
MyPHP Forum SQL injection vulnerability-vulnerability warning-the black bar safety net
Affected system: MyPHP. ws MyPHP Forum v3. 0 Final Description: BUGTRAQ ID: 2 7 1 1 8 MyPHP Forum is an easy to erect and easy to use based on MySQL with PHP Forum. MyPHP Forum process user requests data when there is an input validation vulnerability, a remote attacker could exploit this...
Oxygen2PHP 1.1.3 - 'member.php' SQL Injection
!/usr/bin/perl 0-Day Oxygen2PHP 'Mozilla/5.0', maxredirect = 0, cookiejar = $Cookies, or die $!; my $Get = $UserAgent-get$HostName.SQLInjection$UserName; if$Get-content = /0-91,5 : a-zA-Z0-9-.2,15 : a-f0-932/i refresh$HostName, $1, $2, $3; print " Exploit Successfully Executed \n"; print "...
phpcms 2 0 0 7 site management system Member. php page SQL injection vulnerability-vulnerability warning-the black bar safety net
Affected version: phpcms 2 0 0 7 GBK Vulnerability description: In the member/member. php line 4, The code is as follows: 1. .............. 2. $m = $db-getone SELECT FROM . TABLEMEMBER. m , . TABLEMEMBERINFO. i WHERE m. userid=i. userid AND m. username= 3. $username 4. , CACHE ,8 6 4 0 0; 5...
phpcms 2007网站管理系统Member.php页面SQL注入漏洞
在member/member.php的第4行,代码如下: 1. .............. 2. $m = $db-getone SELECT FROM .TABLEMEMBER. m , .TABLEMEMBERINFO. i WHERE m.userid=i.userid AND m.username= 3. $username 4. , CACHE ,86400; 5. .............. username变量未经过过滤就进入查询了,我们在其包含的include/common.inc.php文件中有如下代码: 1. ................ 2...
Phpkit 1.6.1 (member.php) Sql Injection Vulnerability
Exploit for unknown platform in category web applications ===================================================== Phpkit 1.6.1 member.php Sql Injection Vulnerability ===================================================== Phpkit 1.6.1 SQL Injection member.php | | ||| | | | | | -| .'| || | | | -| | | ...
CVE-2009-4448
inc/functionstime.php in MyBB aka MyBulletinBoard 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service CPU consumption via a crafted request with a large year value, which triggers a long loop, as reachable through member.php and possibly other vectors...
discuz 6.1.0 member.php 跨站脚本漏洞
No description provided by source...
Built2Go PHP Link Portal 1.95.1 Remote File Upload Vulnerability
No description provided by source. Built2Go PHP Link Portal v1.95.1 RFU ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 22.11.2008 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : dork mu :...
Built2Go PHP Link Portal 1.95.1 - Arbitrary File Upload
Built2Go PHP Link Portal v1.95.1 RFU ---------------------------------------------------------- Discovered By: ZoRLu msn: [email protected] Date: 22.11.2008 Home: z0rlu.blogspot.com / www.experl.com N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : dork mu : "PHP Link Portal v1.95.1 © Big...
phpcmssp6 digg, member.php update vulnerability demo-a vulnerability warning-the black bar safety net
phpcmssp6 broke the wide-character encoding hole, comrades, is to play very cool, 10.1 classic injected again played, thanks again for found. Here we demonstrate the use of the method, after all, there are many small black dry looking bad, exp came out, we directly use the well, The exp code into...
CVE-2008-5574
SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter...
Sql injection
SQL injection vulnerability in member.php in Webmaster Marketplace allows remote attackers to execute arbitrary SQL commands via the u parameter...
CVE-2008-5574
SQL injection vulnerability in Webmaster Marketplace’s member.php allows remote attackers to execute arbitrary SQL commands via the u parameter. Affected: Webmaster Marketplace (member.php). Root cause details are not provided beyond the parameter-based injection; no remediation or patch informat...
Webmaster Marketplace SQL Injection
Webmaster Marketplace member.php u Remote SQL Injection Vulnerability Author: Hussin X Home :IQ-SecuriTY www.IQ-TY.com | TrYaG www.TrYaG.cc Mail : [email protected] script : http://www.unscripts.com/MPS.html DorK : : exploit :...
WebMaster Marketplace - SQL Injection
WebMaster Marketplace - SQL Injection Webmaster Marketplace member.php u Remote SQL Injection Vulnerability Author: Hussin X Home :IQ-SecuriTY www.IQ-TY.com | TrYaG www.TrYaG.cc Mail : [email protected] script : http://www.unscripts.com/MPS.html DorK : : exploit :...