2492 matches found
YouTube Clone Script - msg.php?id SQL Injection
YouTube Clone Script - msg.php?id SQL Injection --==+================================================================================+==-- --==+ YouTube Clone Script SQL Injection Vulnerability +==-- --==+================================================================================+==-- AUTHOR...
Buddy Zone 1.5 - 'view_sub_cat.php?cat_id' SQL Injection
--==+================================================================================+==-- --==+ Buddy Zone Version 1.5 SQL Injection Vulnerability +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE:...
e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php / Explanation: Bug 1 admin/showimg.php: ?php $fp = fopen$GET'img', "r"; $img = fread$fp, filesize$GET'img'; fclose$fp; header"Content-type: ".$GET'type'; echo $img; ? ...need i say more? Bug 2 admin/functions.php: if...
gcards-sql-exec.txt
!/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " gCards = 1.46 SQL Injection/Remote Code Execution Exploit\r\n"; print...
gCards 1.46 - SQL Injection Remote Code Execution
gCards 1.46 - SQL Injection Remote Code Execution !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " gCards = 1.46 SQL...
WordPress Core 2.1.3 - 'admin-ajax.php' SQL Injection Blind Fishing
?php errorreportingEALL; $normdelay = 0; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // WordPress 2.1.3 "admin-ajax.php" sql injection blind fishing exploit // written by Janek Vind "waraxe" //...
PT-2007-3853 · Phphoo3 · Phphoo3
Name of the Vulnerable Software and Affected Versions: phpHoo3 affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the ADMIN USER and ADMIN PASS parameters during a login in the admin.php file. However, it is noted that ADMIN USER a...
PBlang 4.66z - Remote Create Admin
PBlang 4.66z - Remote Create Admin !/usr/bin/perl PBlang 4.66z Create Admin Exploit this exploit register a user with admin access Coded & Discovered By Hessam-x / Hessamx-at-Hessamx.net use IO::Socket; use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $uname = $ARGV1; $passwd = $ARGV2; $url...
Creative Guestbook 1.0 Multiple Remote Vulnerabilities
.-""""""""-. / Dj7xpl | | |, .-. .-. ,| | o/ o | |/ / | @ ^^ |IIIIII|/ @8@8|-IIIIII/-| / / @ +Iranian Are The Best In World+ Portal : Creative Guestbook 1.0 Download : http://www.thecreativeheads.de/CreativeFiles/downloads.php Author : Dj7xpl | Dj7xpl@yahoo...
creative Guestbook 1.0 - Multiple Vulnerabilities
creative Guestbook 1.0 - Multiple Vulnerabilities .-""""""""-. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8 / \ / @ +Iranian Are The Best In World+ Portal : Creative Guestbook 1.0 Download : http://www.thecreativeheads.de/CreativeFiles/downloads.php Author : Dj7xpl |...
Creative Guestbook 1.0 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ====================================================== Creative Guestbook 1.0 Multiple Remote Vulnerabilities ====================================================== .-""""""""-. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^...
creative Guestbook 1.0 - Multiple Vulnerabilities
.-""""""""-. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8 / \ / @ +Iranian Are The Best In World+ Portal : Creative Guestbook 1.0 Download : http://www.thecreativeheads.de/CreativeFiles/downloads.php Author : Dj7xpl | [email protected] Dork : "Creative Guestbook" Class : Add...
CVE-2007-0409
BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password...
CVE-2006-6773
pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...
CVE-2006-6773
CVE-2006-6773 affects Fishyshoop 0.930 beta, where pages/register/register.php allows remote attackers to create arbitrary administrative users by sending is_admin=1 via HTTP POST. The vulnerability enables elevation of privileges (admin account creation) through a parameter-based bypass in the r...
Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== Woltlab Burning Board Lite 1.0.2 decodecookie SQL Injection Exploit ====================================================================== ?php printr'...
Solaris 7 (sparc) : 110011-02
The remote host is missing Sun Security Patch number 110011-02 AnswerBook 1.4.2: create admin user that can interact with shell. Date this patch was last updated by Sun : Thu Aug 03 18:00:00 MDT 2000 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...
Solaris 8 (sparc) : 110011-02
The remote host is missing Sun Security Patch number 110011-02 AnswerBook 1.4.2: create admin user that can interact with shell. Date this patch was last updated by Sun : Thu Aug 03 18:00:00 MDT 2000 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...
cahierSQL.txt
Cahier de textes Pierre Lemaitre - St Lô France - Ver 2.0 Remote SQL injection Exploit Discovred By s4mi s4miatlinuxmaildotorg exploit http://localhost/PATH/lire.php?classeID=1&matiereID=SQL or http://localhost/PATH/lireafaire.php?classeID=SQL expemle of sql code to get admin user and password...
Cahier de textes 2.0 Remote SQL injection Exploit
Cahier de textes Pierre Lemaitre - St Lф France - Ver 2.0 Remote SQL injection Exploit Discovred By s4mi s4miatlinuxmaildotorg exploit http://localhost/PATH/lire.php?classeID=1&matiereID=SQL or http://localhost/PATH/lireafaire.php?classeID=SQL expemle of sql code to get admin user and password...