CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2008/06/12 12:0 a.m.•26 views

jammcms-sql.txt

!/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by JAMM" http://www.site.de/cms/?id=blah Ok when we give $id an unexpected value like this we get an SQL Error. Unfortunately the script is so rude that it doesn't want to show us any data when we UNION...

0day.today•added 2008/06/11 12:0 a.m.•30 views

JAMM CMS (id) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================ JAMM CMS id Remote Blind SQL Injection Exploit ================================================ !/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by...

securityvulns•added 2008/06/05 12:0 a.m.•33 views

e107 Plugin echat MENU Blind SQL Injection Vulnerability

::e107 Plugin echat MENU Blind SQL Injection Vulnerability:: Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in the...

Packet Storm•added 2008/05/23 12:0 a.m.•29 views

e107blog-sql.txt

::e107 Plugin BLOG Engine v2.2 macgurublog.php/uid Blind SQL Injection Vulnerability:: Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend...

ALT Linux•added 2008/03/16 12:0 a.m.•26 views

Security fix for the ALT Linux 5 package MySQL version 5.0.51-alt2.a

March 16, 2008 Konstantin Lepikhov 5.0.51-alt2.a - 5.0.51a. - Security fixes: + CVE-2008-0226, CVE-2008-0227 Three vulnerabilities in yaSSL versions 1.7.5 that could lead to a server crash or execution of unauthorized code. + ALTER VIEW retained the original DEFINER value, even when altered by...

7.5CVSS6.5AI score0.92203EPSS

Exploits14

securityvulns•added 2008/02/12 12:0 a.m.•39 views

Vulnerabilities in Power Phlogger

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting и Information disclosure уязвимостях в Power Phlogger. XSS: В скрипте dspLogs.php. http://site/dspLogs.php?Shostname=223E3Cscript3Ealertdocument.cookie3C/script3E...

0.1AI score

0day.today•added 2008/01/08 12:0 a.m.•21 views

SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================== SmallNuke 2.0.4 Pass Recovery Remote SQL Injection Exploit ========================================================== !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox;...

0day.today•added 2008/01/06 12:0 a.m.•32 views

RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ RunCMS Newbbplus "UnderWHAT?!" ; $mw-geometry '420x383' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'Newbbplus 'Taho...

Packet Storm•added 2007/10/22 12:0 a.m.•21 views

vanilla-sql.txt

= 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's loop count default 300000\n"; echo "-...

securityvulns•added 2007/03/22 12:0 a.m.•65 views

Web Wiz Forums 8.05 (MySQL version) SQL Injection

There is a vulnerability in MySQL version of Web Wiz Forums, free ASP bulletin board system software, enabling SQL injection. The vulnerability is in the code used to filter string parameters prior to including them in the SQL queries: 'Format SQL Query funtion Private Function formatSQLInputByVa...

0.9AI score

Packet Storm•added 2006/10/31 12:0 a.m.•28 views

eNM-0.0.1.txt

easy notes manager eNM version 0.0.1, available at http://217.172.179.216/evandor/html/index.php?id=103 is affected by multiple sql injection vulnerability due to a missing check of the user supplied input. An attacker can bypass the authentication procedure and get a full dump of the database...

securityvulns•added 2006/09/23 12:0 a.m.•45 views

Woltlab Burning Board 2.3.X SQL Injection Vulnerability

Use it like this: http://127.0.0.1/wbb2/thread.php?threadid=1&page=-1 Ok, its kinda useless 'cause it's an "ORDER BY", but u can see: - the PHP Version - the MySQL version - the wBB Version when it has been faked or removed Greets, 666 - www.sr-crew.de.tt...

1AI score

seebug.org•added 2006/05/02 12:0 a.m.•16 views

MySQL <= 5.0.20 COM_TABLE_DUMP Memory Leak/Remote BoF Exploit

No description provided by source. / April 21.st 2006 myexploit.c MySql COMTABLEDUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COMTABLEDUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...

Exploit DB•added 2006/04/04 12:0 a.m.•37 views

Crafty Syntax Image Gallery 3.1g - Remote Code Execution

!/usr/bin/perl This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This program is distributed in the hope that...

Packet Storm•added 2005/04/17 12:0 a.m.•34 views

waraxe-2005-SA041.txt

================================================================================ waraxe-2005-SA041 ================================================================================ Critical Sql Injection in PhpNuke 6.x-7.6 Top module...