Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================================== Ultrastats = 0.2.142 players-detail.php Blind SQL Injection Exploit ====================================================================== !/usr/bin/perl use...

Ultrastats 0.2.142 - &#039;players-detail.php&#039; Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very flexable log analyzing tool for Call of...

Ultrastats 0.2.142 - players-detail.php Blind SQL Injection

Ultrastats 0.2.142 - players-detail.php Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...

CVE-2008-2881

Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-2881

CVE-2008-2881 affects Relative Real Estate Systems 3.0 and earlier. The vulnerability arises because passwords are stored in cleartext in a MySQL database, enabling context-dependent attackers to obtain sensitive information. The provided documents do not specify exploitation details, affected ve...

CVE-2008-2881

Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

Information disclosure

AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-2857

AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

BlognPlus SQL injection vulnerability

Overview BlognPlus contains a SQL injection vulnerability. BlognPlus from R-ONE Computer is a software for creating blogs. BlognPlus for MySQL and for PostgreSQL contain a SQL injection vulnerability. According to the vendor, BlognPlus for Text is not affected by this vulnerability since it does...

Courier Authentication Library -- SQL Injection

Secunia reports: A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploite...

CVE-2008-1711

Terong PHP Photo Gallery aka Advanced Web Photo Gallery 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

Information disclosure

Terong PHP Photo Gallery aka Advanced Web Photo Gallery 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

prediction-sql.txt

/ Prediction Football v 1.x Remote SQL INJECTION Discovered by 0in from Dark-Coders Programming & Security Group. !!!!!! http://dark-coders.4rh.eu !!!!!! Contact: 0indotemailatgmaildotcom Greetz to all Dark-Coders Group Members: DieAngel, Sun8hclf, M4r1usz, Djlinux, Aristo89 Script homepage:...

Prediction Football 1.x (matchid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Prediction Football 1.x matchid Remote SQL Injection Vulnerability ==================================================================== / Prediction Football v 1.x Remote...

mamboquran-sql.txt

+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+ --found by breakerunit and Don...

Debian Security Advisory DSA 1169-1 (mysql-dfsg-4.1)

The remote host is missing an update to mysql-dfsg-4.1 announced via advisory DSA 1169-1. Several local vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4226 Michal Prokopiuk discovered...

ipreg-sql.txt

--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...

Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Ip Reg 0.3 Multiple Remote SQL Injection Vulnerabilities ======================================================== --------------------------------------------------------------- / | ...

Aceboard forum, SQL injection

Aceboard is prone to a sql injection vulnerability because it fails to properly sanitize user-supplied input into Recherche.php form. An attacker can exploit this issue to modify initial query and reveal information from mysql databse. see u, karmaguedon...