PsychoStats 3.2.2b (awards.php, id param) - Blind SQL Injection

No description provided by source. Exploit Title : PsychoStats awards.php blind SQL Injection ============== Date: 27/03/2013 00:50 ===== Author: Mohamed from ALG ====== Vendor or Software Link:http://psychostats.us/ ======================= Version: 3.2.2b ======== Category: webapps =========...

webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo--------------------; print \n | webSPELL = v4.01.02 Multiple Remote SQL Injection |; print \n | coded by DNX |; print \n...

CVE-2013-3721

SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter...

Sql injection

SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter...

CVE-2013-3721

PsychoStats 3.2.2b contains an SQL injection in awards.php; the vulnerability is triggered via the d parameter and can allow remote attackers to execute arbitrary SQL commands. The root cause is improper input handling in the affected script, enabling manipulation of database queries. Documented ...

CVE-2013-3721

SQL injection vulnerability in awards.php in PsychoStats 3.2.2b allows remote attackers to execute arbitrary SQL commands via the d parameter...

PsychoStats 3.2.2b - &#039;awards.php&#039; Blind SQL Injection

Exploit Title : PsychoStats awards.php blind SQL Injection ============== Date: 27/03/2013 00:50 ===== Author: Mohamed from ALG ====== Vendor or Software Link:http://psychostats.us/ ======================= Version: 3.2.2b ======== Category: webapps ========= Google Keywords: "Powered by PsychoSta...

CVE-2009-1912

Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. dot dot in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 awards.php, 2 login.php, 3 register.php, 4 weapons.php, and possibly other unspecified files...

CVE-2007-2914

Multiple cross-site scripting XSS vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 awards.php, 2 login.php, 3 register.php, 4 weapons.php, and possibly other unspecified files...

CVE-2007-2914

Multiple cross-site scripting XSS vulnerabilities in PsychoStats 3.0.6b allow remote attackers to inject arbitrary web script or HTML via the PATHINFO to 1 awards.php, 2 login.php, 3 register.php, 4 weapons.php, and possibly other unspecified files...

RedLevel Advisory #017 - PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities

PsychoStats v3.0.6b Multiple Cross-Site Scripting Vulnerabilities PsychoStats contains multiple cross-site scripting vulnerabilities that may be exploited through the URI. Vulnerable Files: awards.php, login.php, register.php, weapons.php - other files may also be susceptible to this vulnerabilit...