[Full-disclosure] POWER PHLOGGER v.2.2.5 (username) SQL Injection

POWER PHLOGGER v.2.2.5 username SQL Injection Author: Attila Gerendi Darkz Date: June 25, 2007 Package: POWER PHLOGGER http://www.phpee.com/ Versions Affected: v.2.2.5 Other versions may also be affected Severity: SQL Injection Description: Input passed to the "username" parameter in "login.php"...

FuseTalk 2.03.0 - AuthError.cfm SQL Injection

FuseTalk 2.03.0 - AuthError.cfm SQL Injection source: https://www.securityfocus.com/bid/24528/info FuseTalk is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attack...

vBSupport 2.0.0 Integrated Ticket System - 'vBSupport.php' SQL Injection

source: https://www.securityfocus.com/bid/24397/info vBSupport is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized...

Ibrahim Ã?AKICI - 'Okul Portal Haber_Oku.asp' SQL Injection

source: https://www.securityfocus.com/bid/24379/info Ibrahim Ã?AKICI Okul Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue by manipulating the SQL query logic to carry...

Ibrahim Ã?AKICI - Okul Portal Haber_Oku.asp SQL Injection

Ibrahim Ã?AKICI - Okul Portal HaberOku.asp SQL Injection source: https://www.securityfocus.com/bid/24379/info Ibrahim Ã?AKICI Okul Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploi...

PostNuke PNPHPBB2 Module Index.PHP SQL注入漏洞

PNphpBB是一款基于PHP的WEB应用程序。 PNphpBB不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Index.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 PNphpBB PNphpBB 1.2 g PNphpBB PNphpBB 1.2 f PNphpBB PNphpBB 1.2 目前没有解决方案提供： http://www.pnphpbb.com/modules.php?op=modload&name=ForumNews&file=index...

CPCommerce 1.1 - 'manufacturer.php' SQL Injection

source: https://www.securityfocus.com/bid/24223/info cpCommerce is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

Thyme Calendar 1.3 Remote SQL Injection Vulnerability

No description provided by source. Thyme Calendar 1.3 SQL Vulnerability Exploit by Warlord codehook.110mb.com ------------------------------------------------------------------- OVERVIEW AND DEFINITION --------------------------...

Thyme Calendar 1.3 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================== Thyme Calendar 1.3 Remote SQL Injection Vulnerability ===================================================== Thyme Calendar 1.3 SQL Vulnerability Exploit by Warlord...

Thyme Calendar 1.3 - SQL Injection

Thyme Calendar 1.3 SQL Vulnerability Exploit by Warlord codehook.110mb.com ------------------------------------------------------------------- OVERVIEW AND DEFINITION ------------------------------------------------------------------- A vulnerability in exists in Thyme Calendar 1.3 and possibly...

Thyme Calendar 1.3 - SQL Injection

Thyme Calendar 1.3 - SQL Injection Thyme Calendar 1.3 SQL Vulnerability Exploit by Warlord codehook.110mb.com ------------------------------------------------------------------- OVERVIEW AND DEFINITION ------------------------------------------------------------------- A vulnerability in exists i...

WF-Quote 1.0 Xoops Module - 'index.php' SQL Injection

source: https://www.securityfocus.com/bid/23845/info The WF-Quote module for the Xoops CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

pnflash-sql.txt

============================================================ PostNuke pnFlashGames Module v1.5 REmote SQL Injection ============================================================ Bulan: xoron xoron.biz + Love's the funeral of hearts The funeral of hearts And a plea for mercy When love is a gun...

E-Annu - home.php SQL Injection

E-Annu - home.php SQL Injection source: https://www.securityfocus.com/bid/23727/info E-Annu is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

Particle Blogger 1.2.1 - Archives.php SQL Injection

Particle Blogger 1.2.1 - Archives.php SQL Injection source: https://www.securityfocus.com/bid/24232/info Particle Blogger is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

PHPKit 1.6.1 - 'comment.php' SQL Injection

source: https://www.securityfocus.com/bid/21962/info PHPKIT is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modi...

Shopstorenow E-Commerce Shopping Cart - 'Orange.asp' SQL Injection

source: https://www.securityfocus.com/bid/21905/info Shopstorenow E-commerce Shopping Cart is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise...

PHPMyRing <= 4.2.0 (view_com.php) Remote SQL Injection Exploit

No description provided by source. Title: PHPMyRing's viewcom.php Remote SQL injection Exploit Vendor: phpmyring webiste : http://phpmyring.sourceforge.net/ Version : = 4.2.0 Severity: Critical Discovered by: Simo64 simo64atmorxorg Exploit writting by: Simo Ben youssef simoatmorxorg Discovered: 0...

UApplication Uguestbook 1.0 - index.asp SQL Injection

UApplication Uguestbook 1.0 - index.asp SQL Injection source: https://www.securityfocus.com/bid/21426/info Uapplication Uguestbook is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...

Enthrallweb eClassifieds - 'dirSub.asp?sid' SQL Injection

source: https://www.securityfocus.com/bid/21192/info eClassifieds is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access ...