500 matches found
CVE-2011-1686
Multiple SQL injection vulnerabilities in Best Practical Solutions RT 2.0.0 through 3.6.10, 3.8.0 through 3.8.9, and 4.0.0rc through 4.0.0rc7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, as demonstrated by reading data...
CVE-2011-0987
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
KLINK - SQL Injection
KLINK - SQL Injection Andr�s G�mez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andr�s G�mez Software Developed by : http://www.contacto.com Contact : [email protected] Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on...
KLINK SQL Injection
Andr�s G�mez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andr�s G�mez Software Developed by : http://www.contacto.com Contact : [email protected] Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on the vulnerable system...
Phpcms2008 local file inclusion vulnerabilities and using: an arbitrary SQL statement execution-vulnerability warning-the black bar safety net
漏洞 文件 在 wap/index.php,contains the file limit is. inc.php the. Just contain a value to contain. formguide/admin/include/fields/datetime/fieldadd.inc.php EXP:error!!!!!! Please see the following Laojun only to the POC Friends ask me, access to the poc on the jump, how the explosion password Becaus...
XMB 1.9.11 Cross Site Request Forgery
...
Sql injection
SQL injection vulnerability in ogpshow.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter...
Yxbbs Forum system Ver 3.1.0 multiple vulnerabilities-vulnerability warning-the black bar safety net
Yxbbs by the Y network developed a set of open source free Community Forum system program, using asp+Access SQL technical. Speed: the use of currently the more popular caching technology, which greatly accelerates the forum access speed Function: although the function can not be and dynamic netwo...
Apache OFBiz - Remote Execution (via SQL Execution)
/ Apache OFBiz SQL Remote Execution PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at- bonsai-sec.com . Bonsai Information Security http://www.bonsai-sec.com/ / var cmd = 'command'; var xmlhttp=false; try xmlhttp = new ActiveXObject"Msxml2.XMLHTTP"; catch e try xmlhttp = new...
AS3FlexDB Login Information Disclosure / SQL Execution
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$$ AS3FlexDB Database Login Information Disclosure & Remote SQL Excution $$$ $$$ || License: Free $$$ || Language: English $$$ AS3FlexDB || Cost: $0 $$$ || Platform: Flash...
AS3FlexDB Database Login Information Disclosure & Remote SQL Excution
Exploit for unknown platform in category web applications ===================================================================== AS3FlexDB Database Login Information Disclosure & Remote SQL Excution =====================================================================...
Network fun online shopping system fashion version v9. 7 background to really get the shell-vulnerability warning-the black bar safety net
Under the latest 2 0 0 9-1 2-2 2 just came out of the see online are only injected, no real take the shell on! The study of the following Web fun contains Forum, the forum for YXBBS it! YxBBs 2.3 For Access version! yxbbs the original Station data on the backup is there, and the fun is removed! S...
PT-2010-1396 · Maxdev · Mforum
Name of the Vulnerable Software and Affected Versions: MDForum module versions 2.x through 2.07 for MAXdev MDPro Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the c parameter in the "index.php" endpoint. Recommendations: For MDFor...
Zabbix Server : Multiple remote vulnerabilities
From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server : Remote command execution Impacted software : Zabbix Server Zabbix reference :...
Zabbix Server Multiple remote vulnerabilities
No description provided by source. Zabbix Server : Multiple remote vulnerabilities From: Nicob nicob nicob net Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, server...
Zabbix Server Multiple remote vulnerabilities
Exploit for unknown platform in category web applications ============================================= Zabbix Server Multiple remote vulnerabilities ============================================= Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 Fro...
Zabbix Server - Multiple Vulnerabilities
Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server :...
Zabbix Server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and oth...
PT-2009-6400 · Testlink Team · Testlink
Name of the Vulnerable Software and Affected Versions: TestLink versions prior to 1.8.5 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the Test Case ID field to "lib/general/navBar.php" or the logLevel parameter to...
PT-2009-5712 · Plume · Plume Cms
Name of the Vulnerable Software and Affected Versions: Plume CMS version 1.2.3 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the "m" parameter to "manager/index.php" or by remote authenticated administrators via the "id"...