678 matches found
Sql injection
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the csgetip function in generate.php in the Captcha module, or (2) the semail parameter to the cssqlselect function in the MySQL database driver...
CVE-2010-1865
Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the IP address to the csgetip function in generate.php in the Captcha module, or (2) the semail parameter to the cssqlselect function in the MySQL database driver...
Advanced Poll Script SQL Injection / Cross Site Scripting
Exploit Title: XSS and Authentication bypass in Advanced Poll Script Date: 26-apr-2010 Author: Sid3^effects Software Link: N/a CVE : Code : XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with...
2daybiz Advanced Poll Script XSS and Authentication Bypass
Exploit for php platform in category web applications ========================================================== 2daybiz Advanced Poll Script XSS and Authentication Bypass ========================================================== Description : Advanced Poll is a polling system with powerful...
2DayBiz Advanced Poll Script - Cross-Site Scripting Authentication Bypass
2DayBiz Advanced Poll Script - Cross-Site Scripting Authentication Bypass XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL...
2DayBiz Advanced Poll Script - Cross-Site Scripting / Authentication Bypass
XSS and Authentication bypass in Advanced Poll Script Vendor:http://www.2daybiz.com/ Author:Sid3^effects Description : Advanced Poll is a polling system with powerful administration tool supports both text file and MySQL database. Its features include multiple polls, unlimited options, IP-Logging...
CentOS Update for mysql CESA-2010:0110 centos4 i386
Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2010:0110 centos4 i386 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
[SECURITY] Fedora 11 Update: roundcubemail-0.3.1-2.fc11
RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...
mysql hash password cracking method-vulnerability warning-the black bar safety net
The MySQL user names and passwords are stored in the user table of the mysql database. Locate the three files user.MYD, user.MYI and user.frm in the MySQL\data\mysql\ directory, copy them to your own MySQL database directory, and you can view the users' hashes. The SQL statements used to extract the hash are as follows: use mysql;...
[SECURITY] Fedora 12 Update: cacti-0.8.7e-3.fc12
Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti also...
[SECURITY] Fedora 11 Update: cacti-0.8.7e-3.fc11
Cacti is a complete frontend to RRDTool. It stores all of the necessary information to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti also...
WordPress Installations Under Brute-Force Attack
There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords. The SANS Internet Storm Center has...
mysql security update
CentOS Errata and Security Advisory CESA-2009:1289 Updated mysql packages that fix various security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user,...
Empire CMS message Board vulnerability-vulnerability warning-the black bar safety net
Dark gray dropped out of the 0day. Find used Empire CMS station,the site behind a directly applied:e/tool/gbook/? bid=1 For example: www.xxx.com/e/tool/gbook/?bid=1 Out is Empire CMS the guestbook,in the name of writing:缞\ Contact email at: ,1,1,1,select concatusername,0x5f,password,0x5f,rnd from...
Sguil/PADS - Remote Server Crash
Sguil/PADS Denial of Service exploit by Ataraxia Benjamin Rose Public announcement made 7/15/09. Please visit http://allmybase.com/ my blog for more up-to-date information, and a quick patch. More in-depth article available at: http://allmybase.com/?p=72 This more in-depth article does include...
Sguil/PADS SQL Injection / Server Crash Vulnerability
Exploit for multiple platform in category dos / poc ===================================================== Sguil/PADS SQL Injection / Server Crash Vulnerability ===================================================== Sguil/PADS SQL injection and server crash exploit by Ataraxia Benjamin Rose Public...
SHA could not escape my hands: clever use Cain crack MYSQL database password-bug warning-the black bar safety net
MYSQL database user password with the database user password the same, in the application of the system code are based on the plaintext appears in the access file read access can be directly from the database connection file is read, for example, asp code in conn.asp database connection file, in...
eLitius 1.0 Database Backup
Powered By eLitius 1.0 Remote Database Backup Backup MySQL Database Choose Operation: Backup data only Save to your PC Greets: Dos-Dz TeaM SnAkEs-TeaM H4ckF0rU TeaM Team Sobh4n ALLAH Dork: Powered By eLitius 1.0 Cod3d By ThE g0bL!N...
eLitius 1.0 Arbitrary Database Backup Exploit
No description provided by source. title Powered By eLitius 1.0 Remote Database Backup /title form action="http://esyndicat.org/admin/database-backup.php" method="post" name="adminForm" table class="admintable" tbodytr td style="width: 40%;" table class="adminform" tbody tr th colspan="2"Backup...
iShowMusic V1.2 direct write shell vulnerability-vulnerability warning-the black bar safety net
By qiur3n iShow Music is a basic set in the PHP+TXT online music player. The program uses text data stored in a way, without MYSQL database support, and the program code and interface templates separated, and easy to your music website interface to modify. Official website: http://www.ishowsky.cn...