Gonafish LinksCaffePRO 4.5 - 'index.php' SQL Injection

/\ \ /\ \ \ /\ /\ \ //\ \ \ \ \ \ \ \ \ \ \ /',\ \ \ \ \ \ \ \ /\ /'\ /'\ \ \ \ /\ ,\ /, \ \ \ \ ,\ \ \ \ // / // /\//\///\/\ \ \/\ // // // //////// //// security breakd0wn! Title: Gonafish LinksCaffePRO 4.5 index.php SQL Injection Vulnerability Vendor:...

MySQL空两进制字符串远程拒绝服务漏洞

BUGTRAQ ID: 31081br / CVE ID：CVE-2008-3963br / CNCVE ID：CNCVE-20082358br / br / MySQL是一款开放源代码的数据库应用程序。br / MySQL处理空两进制值存在问题，远程攻击者可以利用漏洞使服务程序崩溃。br / 通过Mysql客户端提交如下查询:br / select b'';br / 可导致服务程序崩溃。br / MySQL AB MySQL 6.0.4 MySQL AB MySQL 5.1.23 MySQL AB MySQL 5.0.60 可升级到最新版本：...

GLSA-200809-05 : Courier Authentication Library: SQL injection vulnerability

The remote host is affected by the vulnerability described in GLSA-200809-05 Courier Authentication Library: SQL injection vulnerability It has been discovered that some input e.g. the username passed to the library are not properly sanitised before being used in SQL queries. Impact : A remote...

CVE-2008-3840

Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-3840

Crafty Syntax Live Help CSLH 2.14.6 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...

Ultrastats 0.2.142 - players-detail.php Blind SQL Injection

Ultrastats 0.2.142 - players-detail.php Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...

Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================================== Ultrastats = 0.2.142 players-detail.php Blind SQL Injection Exploit ====================================================================== !/usr/bin/perl use...

Ultrastats 0.2.142 - &#039;players-detail.php&#039; Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very flexable log analyzing tool for Call of...

CVE-2008-2881

Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-2881

Relative Real Estate Systems 3.0 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-2881

CVE-2008-2881 affects Relative Real Estate Systems 3.0 and earlier. The vulnerability arises because passwords are stored in cleartext in a MySQL database, enabling context-dependent attackers to obtain sensitive information. The provided documents do not specify exploitation details, affected ve...

Information disclosure

AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-2857

AlstraSoft AskMe Pro 2.1 and earlier stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

BlognPlus SQL injection vulnerability

Overview BlognPlus contains a SQL injection vulnerability. BlognPlus from R-ONE Computer is a software for creating blogs. BlognPlus for MySQL and for PostgreSQL contain a SQL injection vulnerability. According to the vendor, BlognPlus for Text is not affected by this vulnerability since it does...

Courier Authentication Library -- SQL Injection

Secunia reports: A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploite...

Information disclosure

Terong PHP Photo Gallery aka Advanced Web Photo Gallery 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

CVE-2008-1711

Terong PHP Photo Gallery aka Advanced Web Photo Gallery 1.0 stores passwords in cleartext in a MySQL database, which allows context-dependent attackers to obtain sensitive information...

prediction-sql.txt

/ Prediction Football v 1.x Remote SQL INJECTION Discovered by 0in from Dark-Coders Programming & Security Group. !!!!!! http://dark-coders.4rh.eu !!!!!! Contact: 0indotemailatgmaildotcom Greetz to all Dark-Coders Group Members: DieAngel, Sun8hclf, M4r1usz, Djlinux, Aristo89 Script homepage:...

Prediction Football 1.x (matchid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Prediction Football 1.x matchid Remote SQL Injection Vulnerability ==================================================================== / Prediction Football v 1.x Remote...