Lucene search
K

115 matches found

myhack58
myhack58
added 2010/07/29 12:0 a.m.30 views

Taobao Dr mutual brush platform Alliance upload vulnerability-vulnerability warning-the black bar safety net

In fact, this vulnerability is a dynamic Shopping Mall that upload issue. if session“useridname””" or session“AdminName””" then this is uploadflash. the asp file to access the authentication, you'll need to register a user can upload. With a bright kid direct upload. Find a keyword, but you can...

1.2AI score
Exploits0
0day.today
0day.today
added 2009/11/30 12:0 a.m.61 views

Xxasp <= 3.3.2 SQL Injection

Exploit for unknown platform in category web applications ============================ Xxasp = 3.3.2 SQL Injection ============================ Name: Xxasp Version: 3.3.2 ===========================================================...

7.1AI score
Exploits0
Prion
Prion
added 2009/08/17 4:30 p.m.15 views

Sql injection

Multiple SQL injection vulnerabilities in Mobilelib GOLD 3 allow remote attackers to execute arbitrary SQL commands via the 1 adminName parameter to cp/auth.php, 2 cid parameter to artcat.php, and 3 catid parameter to show.php...

7.5CVSS9.3AI score0.00907EPSS
Exploits1References2Affected Software1
seebug.org
seebug.org
added 2009/08/01 12:0 a.m.36 views

Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities

No description provided by source. ------------------Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Mobilelib Gold version : 3.0...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/08/01 12:0 a.m.28 views

Mobilelib Gold 3.0 - Authentication Bypass / SQL Injection

------------------Mobilelib Gold v3 Auth Bypass/SQL Multiple Remote Vulnerabilities---------------------------- ---------------------------------------------------------------------------------------------------------------- Script : Mobilelib Gold version : 3.0 Language: PHP Site:...

7.4AI score
Exploits0
NVD
NVD
added 2009/02/20 11:30 p.m.16 views

CVE-2008-6228

Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the 1 adminname and the 2 adminid cookies to "admin"...

7.5CVSS7.2AI score0.02663EPSS
Exploits0References3
Prion
Prion
added 2009/02/20 11:30 p.m.10 views

Authentication flaw

Pre Multi-Vendor Shopping Malls allows remote attackers to bypass authentication and gain administrative access by setting the 1 adminname and the 2 adminid cookies to "admin"...

7.5CVSS7.8AI score0.02663EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2008/04/11 12:0 a.m.22 views

rxmaxsoft-sql.txt

Provozováno na RS MAXSOFT SQL-Injection PAGE:http://redakcni-system.maxsoft.cz/ AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "RS MAXSOFT" DORK 2 : "Provozováno na RS MAXSOFT" you will see...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/12/24 12:0 a.m.20 views

MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ MeGaCheatZ 1.1 Multiple Remote SQL Injection Vulnerabilities ============================================================...

7.1AI score
Exploits0
NVD
NVD
added 2007/12/20 8:46 p.m.18 views

CVE-2007-6502

Hosting Controller 6.1 Hot fix 3.3 and earlier allows remote authenticated users to obtain sensitive information via 1 the AdminName and AdminLevel parameters to fp2000/NEWSRVR.asp, which discloses usernames; and 2 certain XML HTTP requests to hosting/css.asp using Microsoft.XMLHTTP or...

5.5CVSS5.8AI score0.0275EPSS
Exploits0References9
seebug.org
seebug.org
added 2007/10/31 12:0 a.m.31 views

动易vote.asp注入漏洞

以下是一些细节。 VoteOption参数注入其他的参数就没看了 他们先过滤了"--"再过滤";" 动易 暂无 VoteOption的值为1=1 update PEAdmin set adminname=0x61-;-时,修改管理员的用户名。...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/31 12:0 a.m.26 views

Techno Dreams Guestbook 1.0 (key) Remote SQL Injection Vulnerability

No description provided by source. Title : Techno Dreams Guestbook v1.0 guestbookview.asp Remote SQL Injection Vulnerability Author : ajann Script Page: http://www.t-dreams.com http://target/path/guestbookview.asp?key= SQL Example:...

7.1AI score
Exploits0
CVE
CVE
added 2006/09/13 10:0 p.m.43 views

CVE-2006-4736

The CVE-2006-4736 entry describes multiple SQL injection vulnerabilities in index.php of CMS.R. 5.5, allowing remote attackers to execute arbitrary SQL commands via the adminname and adminpass parameters. The root cause is SQL injection in the affected PHP script, leading to potential data exposu...

7.5CVSS8.9AI score0.01308EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2006/01/04 11:0 a.m.22 views

CVE-2006-0079

SQL injection vulnerability in auth.php in ScozNet ScozBook BETA 1.1 allows remote attackers to execute arbitrary SQL commands via the username field adminname variable...

8.3AI score0.01315EPSS
Exploits1References7
securityvulns
securityvulns
added 2006/01/04 12:0 a.m.27 views

[eVuln] ScozBook &quot;adminname&quot; Authentication Bypass

New eVuln Advisory: ScozBook "adminname" Authentication Bypass --------------------Summary---------------- Vendor: ScozNet Vendor's Web Site: http://www.scoznet.com/ Software: ScozBook Sowtware's Web Site: http://sourceforge.net/projects/scozbook/ Versions: BETA 1.1 Critical Level: Moderate Type:...

0.8AI score
Exploits0
Rows per page
Query Builder