PHPWind job.php远程SQL注入漏洞

PHPWind实现上存在输入验证漏洞，远程攻击者可能利用此漏洞非授权获取论坛的管理员权限。 PHPWind的job.php脚本对待处理的数据未作充分的过滤检查即用来构造SQL请求，远程攻击者可以通过向profile.php脚本的proicon变量传递带有恶意SQL命令串的数据并最终调用job.php，触发漏洞执行SQL注入攻击。攻击者可能利用此漏洞获取论坛的管理权限。 PHPWind PHPWind 2.0.2/3.31ce PHPWind ------- 目前厂商已经在最新版本的软件中修复了这个安全问题，请到厂商的主页下载： http://www.phpwind.net/...

MyForum 1.3 - 'lecture.php' SQL Injection

!/usr/bin/perl Remote SQL Injection Exploit Software : MyForum 1.3 Download : http://www.easy-script.com/scripts-dl/myforumv1.3.zip Date : 27 October 2008 Author : Vrs-hCk Contact : d00rattelkomdotnet Greetz MainHack BrotherHood - www.MainHack.com - www.ServerIsDown.org Paman, OoNBoy, NoGe, Fluzy...

Kasra CMS - 'index.php' Multiple SQL Injections

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= KasraCMS index.php Multiple Remote SQL Injection Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Script: KasraCMS Language : PHP WebSite:...

MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability

No description provided by source. ================================================================================== MindDezign Photo Gallery 2.2 index.php id Remote SQL Injection Vulnerability ==================================================================================...

YDC (kdlist.php cat) Remote SQL Injection Vulnerability

No description provided by source. || | | YDC cat Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | script : http://www.ydc.ir/ | | DorK : "Powered by YDC" ||...

ajrss-sql.txt

================================================================================================================== SSSSS NN N AA K K EEEEE SSSSS TTTTTTTTT EEEEE AA MM MM S N N N A A K K E S T E A A M M M M SSSSS N N N AAAAAA KKK EEEEE SSSSS T EEEEE AAAAAA M M M M S N N N A A K K E S T E A A M M M...

MindDezign Photo Gallery 2.2 (index.php id) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ======================================================================= MindDezign Photo Gallery 2.2 index.php id SQL Injection Vulnerability =======================================================================...

minddezignpg-sql.txt

================================================================================== MindDezign Photo Gallery 2.2 index.php id Remote SQL Injection Vulnerability ================================================================================== ,--^----------,--------,-----,-------^--, | |||||||||...

MindDezign Photo Gallery 2.2 - SQL Injection

================================================================================== MindDezign Photo Gallery 2.2 index.php id Remote SQL Injection Vulnerability ================================================================================== ,--^----------,--------,-----,-------^--, | |||||||||...

shopmaker-sql.txt

|| | | ShopMaker v1.0 product.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | script : http://shop.maker.ir | | DorK : "ShopMaker v1.0" || Exploit:...

XOOPS Module makale Remote SQL Injection Vulnerability

No description provided by source. XOOPS Module: makale AUTHOR : EcHoLL HOME : http://www.warezturk.org MAİL : [email protected] DORKS 1 : dork: /modules/makale/ target: scriptpage.com/modules/makale/makale.php?id= sql Code Sql code:...

ShopMaker CMS 1.0 - 'id' SQL Injection

|| | | ShopMaker v1.0 product.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | script : http://shop.maker.ir | | DorK : "ShopMaker v1.0" || Exploit:...

XOOPS Module makale Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ====================================================== XOOPS Module makale Remote SQL Injection Vulnerability ====================================================== XOOPS Module: makale AUTHOR : EcHoLL HOME : http://www.warezturk.org DORKS...

XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Xoops GesGaleri Sql injection Author : EcHoLL www.warezturk.org www.tahribat.com Greetz : Blacklabel TURK Godlike ! ModuleName: GesGaleri ! ScriptName: XOOPS ! GoogleDork: inurl:"/modules/GesGaleri/" system"color FF0000"; system"Nohacking"; pri...

XOOPS Module GesGaleri (kategorino) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ XOOPS Module GesGaleri kategorino Remote SQL Injection Exploit ================================================================ !/usr/bin/perl -w Xoops GesGaleri Sql injectio...

XOOPS Module GesGaleri - SQL Injection

XOOPS Module GesGaleri - SQL Injection !/usr/bin/perl -w Xoops GesGaleri Sql injection Author : EcHoLL www.warezturk.org www.tahribat.com Greetz : Blacklabel TURK Godlike ! ModuleName: GesGaleri ! ScriptName: XOOPS ! GoogleDork: inurl:"/modules/GesGaleri/" system"color FF0000"; system"Nohacking";...

iGaming CMS 2.0 Alpha 1 (search.php) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl ----------------------------------------------------- iGaming CMS 2.0 Alpha 1 Remote SQL Injection Exploit By StAkeR aka athos - StAkeRathotmaildotit On 16/10/2008 http://www.igamingcms.com/iGaming2Alpha.zip...

Vivid Ads Shopping Cart (cid) Remote SQL Injection

Vivid Ads Shopping Cart cid Remote SQL Injection Discovered By : [email protected] 15/10/2008 HomePage : http://mildnet.org Thx to : Nyubi aka Solpot,homeedition2001,dead,ardan, anakbugis,kaka11,rahulxisback,antiunderground,cheio AND FOR ALL IRC.MILDNET.ORG COMMUNITY Dork : "Vivid Ads...

vividads-sql.txt

Vivid Ads Shopping Cart cid Remote SQL Injection Discovered By : [email protected] 15/10/2008 HomePage : http://mildnet.org Thx to : Nyubi aka Solpot,homeedition2001,dead,ardan, anakbugis,kaka11,rahulxisback,antiunderground,cheio AND FOR ALL IRC.MILDNET.ORG COMMUNITY Dork : "Vivid Ads...

myevent-sql.txt

myEvent 1.6 viewevent.php Remote SQL Injection Vulnerability url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not responsible...