iDesign CMS v2.7 - SQL Injection Web Vulnerability

Document Title: =============== iDesign CMS v2.7 - SQL Injection Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1865 Release Date: ============= 2016-06-29 Vulnerability Laboratory ID VL-ID: ==================================== 1865...

DouPHP admin/article.php image parameter SQL injection

No description provided by source...

WDS CMS /wds_news/article.php SQL注入

Exploit : http:// Target/wdsnews/article.php?ID=-1+union+select+1,groupconcatusername,0x3a,password,3,4,5,6,7,8,9,10+from+cmsadmin-- Upload Shell : http://Target/wdsnews/admin.php?mode=listfile Shell Path : http://Target/wdsnews/filer/shell.php...

XOOPS 2.0.14 (article.php) SQL Injection Vulnerability

No description provided by source. / \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ XOOPS 2.0.14 article.php SQL Injection Vulnerability Discovered By 0iZy5...

Synology DSM 4.3-3827 (article.php) - Blind SQL Injection

No description provided by source. Title: Synology DSM Blind SQL Injection Version affected: = 4.3-3827 Vendor: Synology Discovered by: Michael Wisniewski Status: Patched The file /photo/include/blog/article.php contains a Blind SQL Injection Vulnerability in the 'value' variable in the URL. The...

N/X - Web CMS (N/X WCMS 4.5) Multiple Vulnerability

No description provided by source. N/X - Web CMS N/X WCMS 4.5 Multiple Vulnerability =================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ /'...

XOOPS 2.0.14 Article Module - 'article.php' SQL Injection Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '84999' ssvid version = '1.0' author = 'kikay' vulDate = '2008-05-06' createDate ...

Miraserver 1.0 RC4 article.php cat Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15960/info Miraserver is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful...

DB[CMS] (article.php) SQL Injection Vulnerability

No description provided by source. DBCMS article.php SQL Injection Vulnerability ------------------------------------------------------------------------------------------- Author: blackraptor Mail: [email protected] Script Home: http://www.debliteck.com/how.php Dork: Designed and...

ACGV News <= 0.9.1 (PathNews) Remote File Inclusion Vulnerability

No description provided by source. ============================================================================================== ACGV News = v0.9.1 PathNews Remote File Inclusion Exploit =============================================================================================== Critical Leve...

leaftec cms multiple vulnerabilities

No description provided by source. Exploit Title: leaftec cms multiple vulnerabilities Date: 21.03.2010 Author: Valentin Höbel Version: Tested on: Debian etch CVE : Code : :: General information :: leaftec cms multiple vulnerabilities discovered :: by Valentin Höbel :: [email protected] ::...

Limelight Software (article.php) SQL Injection Vulnerability

No description provided by source...

Synology DSM 4.3-3827 - &#039;article.php&#039; Blind SQL Injection

Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko Chrome/28.0.1500.63 Safari/537.36 Accept: /...

phpMBBcms 004 /modul/article/article.php SQL注入漏洞

No description provided by source...

CVE-2013-5099

Cross-site scripting XSS vulnerability in article.php in Anchor CMS 0.9.1, when comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Name field. NOTE: some sources have reported that comments.php is vulnerable, but certain functions from comments.php are us...

Sql injection

Multiple SQL injection vulnerabilities in SenseSites CommonSense CMS allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 special.php, 2 article.php, or 3 cat2.php...

Design/Logic Flaw

article.php in Virtual War aka VWar 1.6.1 R2 allows remote attackers to cause a denial of service memory consumption via a large integer in the ratearticleselect parameter...

CVE-2010-5063

SQL injection vulnerability in article.php in Virtual War aka VWar 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter...

CVE-2010-5279

CVE-2010-5279 affects Virtual War (aka VWar) 1.6.1 R2. The issue is a remote DoS due to memory consumption triggered by a large integer in the ratearticleselect parameter of article.php. Connected documents confirm the impact as described; no exploit code or broader exploitability details are pro...

CVE-2010-5063

The CVE-2010-5063 issue affects Virtual War (aka VWar) 1.6.1 R2: a SQL injection in article.php exploitable via the ratearticleselect parameter may allow remote attackers to execute arbitrary SQL commands. This is a server-side input handling flaw in the affected product/component, enabling unrel...