XOOPS Flashgames Module 1.0.1 - SQL Injection

================================================================ Xoops Flashgames Module 1.0.1 Remote Blind SQL Injection ================================================================ Bulan: Cyber-security.org ================================================================ Exploit:...

phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit

No description provided by source. !-- phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit Vulnerable Variable: itemid Vulnerable File: modules/news/article.php Vulnerable: phpMySpace Gold v8.10 other versions should also be vulnerable Google d0rk: "Powered by phpMySpace Gold 8.10" John...

pmsgold-sql.txt

phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploitdiscovered by John MartinelliGoogle d0rk: "Powered by Ripe Website Manager"...

phpMySpace Gold (v8.10) - Blind SQL/XPath Injection Exploit

!-- phpMySpace Gold v8.10 - Blind SQL/XPath Injection Exploit Vulnerable Variable: itemid Vulnerable File: modules/news/article.php Vulnerable: phpMySpace Gold v8.10 other versions should also be vulnerable Google d0rk: "Powered by phpMySpace Gold 8.10" John Martinelli [email protected]...

MyBulletinBoard (MyBB) 1.2.5 - calendar.php Blind SQL Injection

MyBulletinBoard MyBB 1.2.5 - calendar.php Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " \n"; print " MyBulletinBoard \n"; print " Example: perl mybb.pl www.host.com /mybb/ -u 5 \n"; print " \n"; print " Options: \n"; print " -u User-ID,...

nuclearbb-sql.txt

NuclearBB Alpha 1 - Multiple Blind SQL/XPath Injection Vulnerabilities Vulnerable: NuclearBB Alpha 1 Google d0rk: "This forum is powered by NuclearBB" ============= String Inputs ============= ---------------------------- login.php - $POST'submit' ---------------------------- username=xyz...

MyBulletinBoard (MyBB) <= 1.2.2 (CLIENT-IP) SQL Injection Exploit

No description provided by source. !/usr/bin/perl LOGO Mybb = 1.2.2 Remote SQL Injecton Exploit v.2.0 uused: SQL CLIENTIP vulnerability !need: Mysql = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments Описание: Работа эксплойта...

MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection

!/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments Описание: Работа эксплойта основана на sql-инъекции в HTTPCLIENTIP. Неавторизованный пользователь может...

xoopswflinks-sql.txt

!/usr/bin/perl Script Name: XOOPS Module WF-Links : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User ID uid: "; $id = ; chop $id; $target =...

XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection

XOOPS Module WF-Snippets 1.02 c - Blind SQL Injection XOOPS Module WF-Snippets //'=============================================================================================== //'Script Name: XOOPS Module WF-Snippets = 1.02 c BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann...

XOOPS Module Rha7 Downloads 1.0 (visit.php) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= XOOPS Module Rha7 Downloads 1.0 visit.php SQL Injection Exploit ================================================================= !/usr/bin/perl Script Name: XOOPS Module Rh...

XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit

No description provided by source. html head titleXOOPS Module WF-Snippets = 1.02 c BLIND SQL Injection Exploit/title script type="text/javascript" //'=============================================================================================== //'Script Name: XOOPS Module WF-Snippets = 1.02 c...

XOOPS Module WF-Snippets <= 1.02 (c) BLIND SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ XOOPS Module WF-Snippets XOOPS Module WF-Snippets //'=============================================================================================== //'Script Name: XOOPS...

HP_MQC_Run_Any_Query.txt

!/usr/bin/perl HP Mercury Quality Center runQuery exploit. Run whatever SQL you want on there db - without SQL injection. Problem is client can do "RunQuery" command os we write program to do this. Client can lots other things it should not also! The backend database can be MSSQLServer or Oracle ...

XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection

XOOPS Module WF-Snippets //'=============================================================================================== //'Script Name: XOOPS Module WF-Snippets = 1.02 c BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann //'Contact : : //'S.Page : http://www.xoops.org/ //'$$ :...

HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit

Exploit for multiple platform in category remote exploits ==================================================================== HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit ==================================================================== !/usr/bin/perl HP Mercury Qualit...

HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution

HP Mercury Quality Center 9.0 build 9.1.0.4352 - SQL Execution !/usr/bin/perl HP Mercury Quality Center runQuery exploit. Run whatever SQL you want on there db - without SQL injection. Problem is client can do "RunQuery" command os we write program to do this. Client can lots other things it shou...

xoopsxfsec-sql.txt

XOOPS Module XFsection //'=============================================================================================== //'Script Name: XOOPS Module XFsection = 1.07 articleid BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann //'Contact : : //'Dork : inurl:/modules/xfsection/...

XOOPS Module PopnupBlog 2.52 - &#039;postid&#039; Blind SQL Injection

XOOPS Module PopnupBlog //'=============================================================================================== //'Script Name: XOOPS Module PopnupBlog = 2.52 postid BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann //'Contact : : //'S.Page : http://www.bluemooninc.biz/...

Malaika System MyAds Xoops模块Index.php SQL注入漏洞

Malaika System MyAds是一款基于PHP的WEB应用程序。 Malaika System MyAds不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息。 问题是'Index.PHP'脚本对用户提交的'cid'参数缺少过滤，提交恶意SQL代码作为参数数据，可导致更改原来的SQL逻辑，获得敏感信息。 Malaika System MyAds 2.04jp 目前没有解决方案提供： http://malaika.s31.xrea.com/ !/usr/bin/perl Script Name: Xoops Module MyAds Bug Fix ...