1417 matches found
Sql injection in ibProArcade
Sql injection in ibProArcade. This bug was discoverd in all of the versions of ibproarcade 2.x. It was tested and found perfectly working under vBulettin or Invision power board. Date:2005-11-5 The injection is here: module=report&user=userid Query: 'SELECT name FROM ibfmembers WHERE id=userid'...
JPortal Web Portal 2.2.1/2.3.1 - 'news.php' SQL Injection
source: https://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitation could result in a compromise of the application,...
JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection
JPortal Web Portal 2.2.12.3.1 - comment.php SQL Injection source: https://www.securityfocus.com/bid/15324/info JPortal is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being used in an SQL query. Successful exploitati...
CactuShop XSS and SQL injection flaws
The remote host runs CactuShop, an e-commerce web application written in ASP. The remote version of this software is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in the script 'popuplargeimage.asp'. Successful exploitation of this issue may allow an...
SQLQHit Directory Structure Disclosure
The Sample SQL Query CGI is present. SPDX-FileCopyrightText: 2001 SecuriTeam Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10765";...
SQLQHit Directory Structure Disclosure
The Sample SQL Query CGI is present. The sample allows anyone to structure a certain query that would retrieve the content of directories present on the local server. OpenVAS Vulnerability Test $Id: sqlqhitinformationdisclosure.nasl 5786 2017-03-30 10:08:58Z cfi $ Description: SQLQHit Directory...
Invision Gallery 2.0.3 - 'index.php' SQL Injection
source: https://www.securityfocus.com/bid/15240/info Invision Gallery is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
PunBB 1.2.x - search.php SQL Injection
PunBB 1.2.x - search.php SQL Injection source: https://www.securityfocus.com/bid/15114/info PunBB is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
phpBB 2.0.13 (admin_styles.php) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl r57phpbbadmin2exec.pl phpBB adminstyles.php commands execution exploit tested on phpBB 2.0.13 by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru screen r57phpbbadmin2exec.pl -p http://blah.com/phpBB/admin/ -s 0864cb0abb396319c589ebc2a98c2c5d -c...
The injection point that whether there is hard disk access-vulnerability warning-the black bar safety net
Now to everyone talk about how through the injection point determines theserviceController hard drivepartitionwhether there is access to the right This routine is very simple, if you will then please do not look at the, THE, the, the With the last I made the video, a simple injection, and the mus...
Noahs Classifieds 1.21.3 - index.php SQL Injection
Noahs Classifieds 1.21.3 - index.php SQL Injection source: https://www.securityfocus.com/bid/14833/info Noah's Classifieds is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could...
MyBulletinBoard (MyBB) 1.0 - RateThread.php SQL Injection
MyBulletinBoard MyBB 1.0 - RateThread.php SQL Injection source: https://www.securityfocus.com/bid/14786/info MyBulletinBoard is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query...
Mall23 - 'AddItem.asp' SQL Injection
source: https://www.securityfocus.com/bid/14898/info Mall23 is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application, disclosure or...
[SA16281] Denora IRC Stats "rdb_query()" Buffer Overflow Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Plague News System 0.7 - 'CID' SQL Injection
source: https://www.securityfocus.com/bid/14136/info Plague News System is prone to an SQL injection vulnerability. As a result, the attacker may modify the structure and logic of an SQL query that is made by the application. Other attacks may be possible depending on the capabilities of the...
PAFaq - Administrator Username SQL Injection
PAFaq - Administrator Username SQL Injection source: https://www.securityfocus.com/bid/14003/info paFaq is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation...
Loki Download Manager 2.0 - 'default.asp' SQL Injection
source: https://www.securityfocus.com/bid/13898/info Loki Download Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'default.asp' script before using it in an SQL query. Successful exploitation...
WWWeb Concepts Events System 1.0 - login.asp SQL Injection
WWWeb Concepts Events System 1.0 - login.asp SQL Injection source: https://www.securityfocus.com/bid/13859/info WWWeb Concepts Events System is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'login.asp'...
Shop-Script - ProductID SQL Injection
source: https://www.securityfocus.com/bid/13635/info Shop-Script is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...
ASP Inline Corporate Calendar 3.6.3 - 'Details.asp' SQL Injection
source: https://www.securityfocus.com/bid/13487/info ASP Inline Corporate Calendar is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a...