Lucene search

4530 matches found

Hacker One
added 2014/08/08 11:46 a.m., 118 views

Square: Blind SQL injection in www.bookfresh.com

The resource at /reservations doesn't properly sanitise the "client" variable before putting it into a MySQL statement. This results in a Blind SQL Injection vulnerability. We can demonstrate the vulnerability by making the SQL server wait for a while before responding. PoC wait a while:...

7.8 AI score
Exploits: 0
The Hacker News
added 2014/08/08 2:8 a.m., 16 views

Microsoft Tuesday Update to Patch Critical Windows and Internet Explorer Vulnerabilities

Today Microsoft has released its Advance Notification for the month of August 2014 Patch Tuesday Updates releasing a total of nine security Bulletins, which will address several vulnerabilities in its products, out of which two are marked critical and rest are important in severity. The latest...

8.5 AI score
Exploits: 0
MSRC
added 2014/08/07 7:0 a.m., 10 views

Advance Notification Service for the August 2014 Security Bulletin Release

Today, we provide advance notification for the release of nine Security Bulletins. Two of these are rated Critical, and the remaining seven are rated Important in severity. These Updates are for SQL Server, SharePoint, OneNote, .NET, Microsoft Windows, and Internet Explorer. As per our usual...

7.5 AI score
Exploits: 0
seebug.org
added 2014/07/29 12:0 a.m., 26 views

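Generic SQL injection vulnerability in a manuscript submission system (affects many enterprises, public institutions and schools)

Brief description: Generic SQL injection vulnerability in a manuscript submission system. Details: SQL injection vulnerability in the submission system made by 南京杰诺瀚软件科技有限公司. intitle:投稿系统 技术支持:南京杰诺瀚软件科技有限公司 The username parameter of the Web/Login.aspx page is affected. Injection with DBA privileges. URL:...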

7.4 AI score
Exploits: 0
0day.today
added 2014/07/08 12:0 a.m., 31 views

Lime Survey 2.05+ Build 140618 XSS / SQL Injection Vulnerabilities

Lime Survey version 2.05+ Build 140618 suffers from cross site scripting and remote SQL injection vulnerabilities. Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested wit...

7.9 AI score
Exploits: 0
0day.today
added 2014/07/06 12:0 a.m., 36 views

LimeSurvey 2.05+ Multiple Vulnerabilities

ADVISORY INFORMATION Title: Lime Survey Multiple Vulnerabilities Discovery date: 02/07/2014 Release date: 03/07/2014 Vendor Homepage: www.limesurvey.org Version: Lime Survey 2.05+ Build 140618 Tested with: MS SQL Server 2008 Credits: Giuseppe D'Amore...

8 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 34 views

Web Wiz Forums 9.68 SQLi Vulnerability

No description provided by source. Web Wiz Forums 9.68 SQLi Vulnerability. Name: Web Wiz Forums 9.68 SQLi Vulnerability Date: june, 9 2010 Vendor url: http://www.webwiz.co.uk/webwizforums/ Platform: Windows...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 15 views

Microsoft SQL Server 2000 SQLXML Script Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 12 views

Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5307/info Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers DBCC. Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 12 views

Battle Blog <= 1.25 (comment.asp) Remote SQL Injection Vulnerability

No description provided by source.

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 13 views

CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection

No description provided by source. $Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 20 views

JiRo´s FAQ Manager (read.asp fID) 1.0 - SQL Injection Vulnerability

No description provided by source. + Script Name : JiRo´s FAQ Manager eXperience + Version : v 1.0 + Price : Single Website License 34.95 $ 2 Websites License 62.95 $ 5 Websites License 139.95 $ + Author : Underz0ne Crew + Home : http://www.underz0ne.net + Script In short : 'JiRos FAQ Management...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 23 views

Microsoft SQL Server 2000 SQLXML Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 36 views

Microsoft SQL Server Payload Execution via SQL injection

No description provided by source. $Id: mssqlpayloadsqli.rb 11730 2011-02-08 23:31:44Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 38 views

quickersite 1.8.5 - Multiple Vulnerabilities

No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: QuickerSite Multiple Vulnerabilities Vendor: www.quickersite.com Vulnerable Version: 1.8.5 Exploit: Available Impact: High Fix: N/A Original Advisory: http://bugreport.ir/index.php?/39 1. Description:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 33 views

Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5411/info A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on...

2.1 CVSS, 6.5 AI score, 0.90609 EPSS
Exploits: 7
seebug.org
added 2014/07/01 12:0 a.m., 19 views

Microsoft SQL Server 7.0 - Remote Denial of Service Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/11265/info Reportedly Microsoft SQL Server is affected by a remote denial of service vulnerability. This issue is due to a failure of the application to handle irregular network communications. An attacker may leverage th...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 22 views

Snitz Forums 2000 Register.ASP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7549/info Snitz Forums 2000 is ASP-based web forum software. It runs on Microsoft Windows operating systems. Snitz is back-ended by a database and supports Microsoft Access 97/2000, SQL Server 6.5/7.0/2000 and MySQL. It i...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 18 views

Microsoft SQL Server 7.0/7.0 SP1 NULL Data DoS Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/817/info If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data it will crash. The crash will generate an event in the log with ID 17055 fatal exception EXCEPTIONACCESS VIOLATION. / sqldos...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 15 views

Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/7541/info Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and i...

7.1 AI score
Exploits: 0