13185 matches found
CVE-2014-3857
Multiple SQL injection vulnerabilities in Kerio Control Statistics in Kerio Control (formerly WinRoute Firewall) before 8.3.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) x_16 or (2) x_17 parameter to print.php...
CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting
SQL injection vulnerability in activerecord/lib/active_record/connection_adapters/postgresql_adapter.rb in the PostgreSQL adapter for Active Record in Ruby on Rails 2.x and 3.x before 3.2.19 allows remote attackers to execute arbitrary SQL commands by leveraging improper bitstring quoting. It was...
CA Total Defense Suite reGenerateReports Stored Procedure SQL Injection
No description provided by source. $Id: catotaldefenseregeneratereports.rb 13810 2011-10-02 17:03:23Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...
Joomla JE Directory Component SQL Injection Vulnerability
No description provided by source. ----------------------------Information------------------------------------------------ +Name : joomla JE Directory = SQL injection Vulnerability Exploit +Autor : Easy Laster +Date : 30.09.2010 +Script : joomla JE Directory +Demo :...
Joomla Component (com_virtuemart) order_status_id SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... TITLE: Joomla comvirtuemart SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...
Joomla (com_jbpublishdownfp) SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... TITLE: Joomla comjbpublishdownfp SQL Injection Vulnerability LANGUAGE: PHP DORK: N/A RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom TESTED ON:...
Joomla Component Ignite Gallery 0.8.3 - SQL Injection Vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '65822' ssvid version = '1.0' author = 'kikay' vulDate = '2009-02-19' createDate ...
WordPress Mz-jajak plugin <= 2.1 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Mz-jajak plugin = 2.1 SQL Injection Vulnerability Date: 2012-08-10 Author: StRoNiX E-mail: [email protected] Software Link: http://downloads.wordpress.org/plugin/mz-jajak.zip Version: 2.1 tested --------------- PoC POST data...
KLINK SQL Injection Vulnerability
No description provided by source. Andrés Gómez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andrés Gómez Software Developed by : http://www.contacto.comhttp://www.contacto.com.com/ Contact : [email protected] Dork : allinurl:.php?txtCodiInfo= An attacker m...
WordPress Zotpress plugin <= 4.4 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Zotpress plugin = 4.4 SQL Injection Vulnerability Date: 2011-09-04 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/zotpress.4.4.zip Version: 4.4 tested Note: magicquotes...
Joomla Component PhotoMap Gallery 1.6.0 - Multiple Blind SQL Injection
No description provided by source. PhotoMap Gallery 1.6.0 Joomla Component Multiple Blind SQL Injection Name PhotoMap Gallery Vendor http://extensions.joomla.org/extensions/photos-a-images/photo-gallery/10658 Versions Affected 1.6.0 Author Salvatore Fresta aka Drosophila Website...
Mambo Component Ricette 1.0 - Remote SQL Injection Vulnerability
No description provided by source. joomla SQL Injectioncomricette AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: comricette DORK 2 : allinurl: comricetteid EXPLOIT :...
Joomla Component com_job (showMoreUse) SQL injection vulnerability
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '67141' ssvid version = '1.0' author = 'hhxx' vulDate = '2009-12-08' createDate =...
Joomla (Yelp Component) SQL Injection Vulnerability
No description provided by source. ...BEGIN ADVISORY... TITLE: Joomla Yelp Component SQL Injection Vulnerability LANGUAGE: PHP RESEARCHER: B-HUNT3|2 CONTACT: bhunt3ratnospamgmaildotnospamcom...
Docebo LMS <= 4.0.4 - (messages) Remote Code Execution
No description provided by source. ?php / Docebo LMS = v4.0.4 messages remote code execution exploit vendor: http://www.docebo.com/ software link: http://www.docebo.com/community/doceboCms/ author: mrme::rwx kru email: steventhomasseeley!gmail!com We must become the change we want to see in the...
People Joomla Component 1.0.0 - SQL Injection Vulnerability
No description provided by source. People Joomla Component 1.0.0 SQL Injection Vulnerability Name People Vendor http://www.ptt-solution.com Versions Affected 1.0.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2011-01-1...
CVE-2014-4649
SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate field...
Sql injection
SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
CVE-2013-6311
SQL injection vulnerability in IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
Revive Adserver 'www/delivery/axmlrpc.php' 'what' Parameter SQL Injection
The Revive Adserver install hosted on the remote web server is affected by a SQL injection vulnerability because the 'www/delivery/axmlrpc.php' script fails to properly sanitize user-supplied input passed to the 'what' parameter. This can allow a remote, unauthenticated attacker to execute...