Lucene search
K

161 matches found

seebug.org
seebug.org
added 2007/12/27 12:0 a.m.74 views

PHP ZLink 'go.php' SQL注入漏洞

PHP ZLink是一款基于PHP的WEB应用程序。 PHP ZLink不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息或操作数据库。 问题是由于'go.php'脚本对用户提交的WEB参数处理缺少充分过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 Zeak.net PHP ZLink 0.3 目前没有解决方案提供: http://www.zeak.net/ !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/24 12:0 a.m.22 views

phpzlink-sql.txt

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo----------------"; print "\n | PHP ZLink v0.3 go.php Remote SQL Injection |"; print "\n | coded by DNX |"; print "\n...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/12/23 12:0 a.m.35 views

PHP ZLink 0.3 - 'go.php' SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print "\n \'/ "; print "\n -.- "; print "\n -----------------oOO------OOo----------------"; print "\n | PHP ZLink v0.3 go.php Remote SQL Injection |"; print "\n | coded by DNX |"; print "\n...

7AI score
Exploits0
0day.today
0day.today
added 2007/08/31 12:0 a.m.30 views

CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== CKGold Shopping Cart 2.0 category.php Blind SQL Injection Exploit =================================================================== !/usr/bin/perl use LWP::UserAgent; us...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/08/29 12:0 a.m.17 views

ABC estore 3.0 (cat_id) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================== ABC estore 3.0 catid Remote Blind SQL Injection Exploit ========================================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1...

7.1AI score
Exploits0
NVD
NVD
added 2007/05/29 8:30 p.m.18 views

CVE-2007-2881

Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...

10CVSS7.7AI score0.25703EPSS
Exploits4References9
Prion
Prion
added 2007/05/29 8:30 p.m.22 views

Stack overflow

Multiple stack-based buffer overflows in the SOCKS proxy support sockd in Sun Java Web Proxy Server before 4.0.5 allow remote attackers to execute arbitrary code via crafted packets during protocol negotiation...

10CVSS8.3AI score0.25703EPSS
Exploits4References9Affected Software1
0day.today
0day.today
added 2007/02/26 12:0 a.m.38 views

STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit

Exploit for unknown platform in category web applications ======================================================= STWC-Counter = 3.4.0 downloadcounter.php RFI Exploit ======================================================= ?php //File Inclusion Exploit for STWC-Counter = 3.4.0.0 //| //Vendor:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/26 12:0 a.m.50 views

STWC-Counter 3.4.0 - &#039;downloadcounter.php&#039; Remote File Inclusion

?php //File Inclusion Exploit for STWC-Counter = 3.4.0.0 //Found and Exploit Coded by burncycle - burncycleatrobert-berandotde //| //Vendor: http://www.stwc-counter.de/ //Dork: www.stwc-counter.de //| //Bug in "downloadcounter.php": //.. //$stwcverzeichniss = $stwccounterverzeichniss; //...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/02/22 12:0 a.m.50 views

webSPELL &lt;= 4.01.02 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print " \'/ "; print " -.- "; print " -------------------oOO------OOo-------------------"; print " | webSPELL = v4.01.02 topic Remote SQL Injection |"; print " | coded by DNX |"; print "...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/02/16 12:0 a.m.21 views

webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================== webSPELL 4.01.02 showonly Remote Blind SQL Injection Exploit ============================================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Long;...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/07 12:0 a.m.33 views

Advanced Poll 2.0.5-dev - Remote Admin Session Generator

!/usr/bin/perl -w Advanced Poll 2.0.0 = 2.0.5-dev textfile admin session gen. 0day! KEEP IT PRIVATE 0day! date: 30/07/06 diwou PHCKSEC c 2001-2006. see templates for code execution ;. use strict; use warnings; use LWP::UserAgent; use MD5; my...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/03/21 12:0 a.m.33 views

FreeWPS 2.11 - &#039;images.php&#039; Remote Code Execution

? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo "\noooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo";...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/03/21 12:0 a.m.12 views

FreeWPS 2.11 - images.php Remote Code Execution

FreeWPS 2.11 - images.php Remote Code Execution ? errorreportingEERROR; function exploitinit if !extensionloaded'phpcurl' && !extensionloaded'curl' if !dl'curl.so' && !dl'phpcurl.dll' die "oo error - cannot load curl extension!"; function exploitheader echo...

8.1AI score
Exploits0
0day.today
0day.today
added 2006/02/24 12:0 a.m.201 views

Lansuite <= 2.1.0 Beta (fid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================= Lansuite = 2.1.0 Beta fid Remote SQL Injection Exploit ========================================================= ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/09/22 12:0 a.m.30 views

My Little Forum 1.5 - &#039;SearchString&#039; SQL Injection

?php mlfexpl.php My Little Forum 1.5 possibly prior versions SQL Injection / MD5 password hash disclosure poc exploit with proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registergloba...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2005/09/22 12:0 a.m.28 views

My Little Forum &lt;= 1.5 (searchstring) SQL Injection Exploit

No description provided by source. ?php mlfexpl.php My Little Forum 1.5 possibly prior versions SQL Injection / MD5 password hash disclosure poc exploit with proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/09/22 12:0 a.m.61 views

My Little Forum <= 1.5 (searchstring) SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== My Little Forum = 1.5 searchstring SQL Injection Exploit =========================================================== ?php mlfexpl.php My Little Forum 1.5 possibly prior versions S...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2005/06/25 12:0 a.m.22 views

PHP-Fusion &lt;= 6.00.105 Accessible Database Backups Download Exploit

No description provided by source. !/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/19 12:0 a.m.29 views

FreeBSD : apache13-modssl -- format string vulnerability in proxy support (8)

The following package needs to be updated: apache+modssl+ipv6 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg18974c8a1fbd11d9814e0001020eed82.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML :...

6.4AI score0.05802EPSS
Exploits0References12
Rows per page
Query Builder