497 matches found
KLINK SQL Injection
Andrés Gómez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andrés Gómez Software Developed by : http://www.contacto.com Contact : [email protected] Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on the vulnerable system...
Phpcms2008 local file inclusion vulnerabilities and using: an arbitrary SQL statement execution-vulnerability warning-the black bar safety net
The vulnerable file is wap/index.php; the included file is restricted to .inc.php. Just contain a value to contain. formguide/admin/include/fields/datetime/fieldadd.inc.php EXP:error!!!!!! Please see the following Laojun only to the POC Friends ask me, access to the poc on the jump, how the explosion password Becaus...
XMB 1.9.11 Cross Site Request Forgery
...
Sql injection
SQL injection vulnerability in ogpshow.php in Online Guestbook Pro allows remote attackers to execute arbitrary SQL commands via the display parameter...
Yxbbs Forum system Ver 3.1.0 multiple vulnerabilities-vulnerability warning-the black bar safety net
Yxbbs is a free, open-source community forum system developed by Y network, using asp+Access SQL technology. Speed: it uses the currently popular caching technology, which greatly accelerates forum access speed. Function: although the function can not be and dynamic netwo...
Apache OFBiz - Remote Execution (via SQL Execution)
/ Apache OFBiz SQL Remote Execution PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at- bonsai-sec.com . Bonsai Information Security http://www.bonsai-sec.com/ / var cmd = 'command'; var xmlhttp=false; try xmlhttp = new ActiveXObject"Msxml2.XMLHTTP"; catch e try xmlhttp = new...
AS3FlexDB Login Information Disclosure / SQL Execution
AS3FlexDB Database Login Information Disclosure & Remote SQL Execution. AS3FlexDB: License: Free; Language: English; Cost: $0; Platform: Flash...
AS3FlexDB Database Login Information Disclosure & Remote SQL Execution
Exploit for unknown platform in category web applications. AS3FlexDB Database Login Information Disclosure & Remote SQL Execution...
Network fun online shopping system fashion version v9.7 background to really get the shell-vulnerability warning-the black bar safety net
Under the latest 2009-12-22 just came out of the see online are only injected, no real take the shell on! The study of the following Web fun contains Forum, the forum for YXBBS it! YxBBs 2.3 For Access version! yxbbs the original Station data on the backup is there, and the fun is removed! S...
PT-2010-1396 · Maxdev · Mforum
Name of the Vulnerable Software and Affected Versions: MDForum module versions 2.x through 2.07 for MAXdev MDPro Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the c parameter in the "index.php" endpoint. Recommendations: For MDFor...
Zabbix Server : Multiple remote vulnerabilities
From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server : Remote command execution Impacted software : Zabbix Server Zabbix reference :...
Zabbix Server Multiple remote vulnerabilities
Exploit for unknown platform in category web applications. Zabbix Server Multiple remote vulnerabilities. Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 Fro...
Zabbix Server - Multiple Vulnerabilities
Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and other network hardware." Zabbix Server :...
Zabbix Server Multiple remote vulnerabilities
No description provided by source. Zabbix Server : Multiple remote vulnerabilities From: Nicob nicob nicob net Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, server...
Zabbix Server - Multiple Vulnerabilities
Zabbix Server - Multiple Vulnerabilities Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and oth...
PT-2009-6400 · Testlink Team · Testlink
Name of the Vulnerable Software and Affected Versions: TestLink versions prior to 1.8.5 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the Test Case ID field to "lib/general/navBar.php" or the logLevel parameter to...
PT-2009-5712 · Plume · Plume Cms
Name of the Vulnerable Software and Affected Versions: Plume CMS version 1.2.3 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the "m" parameter to "manager/index.php" or by remote authenticated administrators via the "id"...
CVE-2009-2254
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the querystring parameter in an execute action, in conjunction with a PATHINFO of passwordforgotten.php, related to a "SQL...
CVE-2009-2254
Zen Cart 1.3.8a, 1.3.8 and earlier versions are affected by an unauthenticated access flaw in admin/sqlpatch.php combined with PATH_INFO password_forgotten.php, allowing remote attackers to inject and execute arbitrary SQL via the query_string in an execute action. The issue enables potentially u...
Zen Cart Ecommerce 1.3.8 SQL Injection
!/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is available on http://www.zen-cart.com/ BlackH : Notes: must have admin/sqlpatch.php enabled clean the databas...