252 matches found
Zix Forum <= 1.12 (layid) SQL Injection Vulnerability
Zix Forum = 1.12 layid SQL Injection Vulnerability Vulnerability: -------------------- SQLInjection: Input passed to the "layid" parameter in 'settings.asp' not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code...
Crafty Syntax Image Gallery <= 3.1g Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This...
Utopia News Pro 1.1.3 SQL Injection / cross site scripting
2.56 07/10/2005 Utopia News Pro 1.1.3 SQL Injection / cross site scripting software: site: http://www.utopiasoftware.net axss: http://target/path/header.php?sitetitle=/titlescriptalertdocument.cookie/script!-- http://target/path/footer.php?version=scriptalertdocument.cookie/script...
Fusionv-6.00.109.txt
PHP-Fusion v6.00.109 SQL Injection / admin|users credentials disclosure site: http://www.php-fusion.co.uk - if magicquotes off - SQL Injection, poc: http://target/pathtoPhpFusion/messages.php?msgsend=' UNION SELECT userpassword FROM fusionusers WHERE username='adminusername'/ now hash is showed i...
mybloggie.pl.txt
!/usr/bin/perl -w SQL Injection Exploit for myBloggie 2.1.1 - 2.1.2 This exploit show the username of the administrator of the blog and his password crypted in MD5 Coded by Alberto Trivero and Discovered with CorryL Related advisories: Italian...
Portail PHP 1.3 - SQL Injection
Portail PHP 1.3 - SQL Injection !/usr/bin/perl -w SQL Injection Exploit for Portail PHP .? / && print "+ Username of administrator is: $1\n"; print "- Unable to retrieve username\n" if!$1; $page=m/ : .?/ && print "+ MD5 hash of password is: $1\n"; print "- Unable to retrieve hash of password\n"...
waraxe-2005-SA042.txt
================================================================================ waraxe-2005-SA042 ================================================================================ Multiple vulnerabilities in Coppermine Photo Gallery 1.3.2...
phpStat 1.5 - setup.php Authentication Bypass (PHP) (2)
phpStat 1.5 - setup.php Authentication Bypass PHP 2 ? / PHP Stat Administrative User Authentication Bypass POC Exploit Code by Nikyt0x - Soulblack Security Research Advisory: http://www.soulblack.com.ar/repo/papers/phpstatadvisory.txt Saludos: Soulblack Staff, Status-x, NeosecurityTeam, KingMetal...
PhotoPost - Arbitrary Data Hash
!/usr/bin/perl PhotoPost Arbitrary Data Exploit -------------------------------- INFPG - Hacking&Security Research Use first the exploit code,then You'll get admin MD5 hash and user name on your mail. Greats: Infam0us Gr0up team/crew/fans,Zone-H,securiteam,str0ke-milw0rm,addict3d,...
WowBB view_user.php SQL Injection Vulnerability
An attacker can exploit this vulnerability to gain admin username and password. http://www.wowbb.com/ Vulnerable versions: 1.6 1.61 1.62 Proof of concept: http://www.example.com/wowbb/viewuser.php?list=1&letter=&sortby='SQL Injection...
waraxe-2004-SA013.txt
================================================================================ waraxe-2004-SA013 ================================================================================ Critical sql injection bug in PhpBB 2.0.8 and in older versions...
[waraxe-2004-SA#013 - Critical sql injection bug in PhpBB 2.0.8 and in older versions]
================================================================================ waraxe-2004-SA013 ================================================================================ Critical sql injection bug in PhpBB 2.0.8 and in older versions...