115 matches found
Taobao Dr mutual brush platform Alliance upload vulnerability-vulnerability warning-the black bar safety net
In fact, this vulnerability is a dynamic Shopping Mall that upload issue. if session“useridname””" or session“AdminName””" then this is uploadflash. the asp file to access the authentication, you'll need to register a user can upload. With a bright kid direct upload. Find a keyword, but you can...
Xxasp <= 3.3.2 SQL Injection
Exploit for unknown platform in category web applications ============================ Xxasp = 3.3.2 SQL Injection ============================ Name: Xxasp Version: 3.3.2 ===========================================================...
Sql injection
Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the 1 adminName parameter to cp/auth.php, 2 cid parameter to artcat.php, and 3 catid parameter to show.php...
Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities
No description provided by source. ------------------Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Mobilelib Gold version : 3.0...
Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection
------------------Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Mobilelib Gold version : 3.0 Language: PHP Site:...
CVE-2008-6228
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the 1 adminname and the 2 adminid cookies to "admin"...
Authentication flaw
Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the 1 adminname and the 2 adminid cookies to "admin"...
rxmaxsoft-sql.txt
Provozováno na RS MAXSOFT SQL-Injection PAGE:http://redakcni-system.maxsoft.cz/ AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "RS MAXSOFT" DORK 2 : "Provozováno na RS MAXSOFT" you will see...
MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities ============================================================...
CVE-2007-6502
Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...
动易vote.asp注入漏洞
以下是一些细节。 VoteOption参数注入其他的参数就没看了 他们先过滤了"--"再过滤";" 动易 暂无 VoteOption的值为1=1 update PEAdmin set adminname=0x61-;-时,修改管理员的用户名。...
Techno Dreams Guestbook 1.0 (key) Remote SQL Injection Vulnerability
No description provided by source. Title : Techno Dreams Guestbook v1.0 guestbookview.asp Remote SQL Injection Vulnerability Author : ajann Script Page: http://www.t-dreams.com http://target/path/guestbookview.asp?key= SQL Example:...
CVE-2006-4736
The CVE-2006-4736 entry describes multiple SQL injection vulnerabilities in index.php of CMS.R. 5.5, allowing remote attackers to execute arbitrary SQL commands via the adminname and adminpass parameters. The root cause is SQL injection in the affected PHP script, leading to potential data exposu...
CVE-2006-0079
SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field adminname variable...
[eVuln] ScozBook "adminname" Authentication Bypass
New eVuln Advisory: ScozBook "adminname" Authentication Bypass --------------------Summary---------------- Vendor: ScozNet Vendor's Web Site: http://www.scoznet.com/ Software: ScozBook Sowtware's Web Site: http://sourceforge.net/projects/scozbook/ Versions: BETA 1.1 Critical Level: Moderate Type:...