3 matches found
Live Forms - Visual Form Builder 3.0.1 - Blind SQL Injection
The AJAX action ‘getreqlist’ is available to all logged in users. The parameter ‘ipp’ sent to this action is vulnerable to Blind MySQL Injection. This can be leveraged by detecting how long a query takes to return...
phpEventCalendar 0.2.3 - Multiple Vulnerabilities
phpEventCalendar v.0.2.3 Multiple Vulnerabilities ==================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.phpcodeworks.com/pec/download...
NewLife Blogger <= 3.0 Insecure Cookie Handling / SQL Injection Vuln
Exploit for unknown platform in category web applications ==================================================================== NewLife Blogger eNYe-Sec - www.enye-sec.org Cookie format is: nlb3=7::96e79218965eb72c92a549dd5a330112 nlb3=iduser::md5 pass --Bug -- 143. function checkLogin 144. // loi...