4691 matches found
PHP-Nuke Advertising Module 0.9 - modules.php SQL Injection
PHP-Nuke Advertising Module 0.9 - modules.php SQL Injection source: https://www.securityfocus.com/bid/26406/info The PHP-Nuke Advertising Module is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A...
phpBB Links MOD Remote Blind SQL Injection Exploit-vulnerability warning-the black bar safety net
? php / D:\usr\local\phpphp test.php http://www.skypebbs.com/ -id=2 ------------------------------------------------------------ phpBB Links MOD Remote Blind SQL Injection Exploit Trojan by flyh4tcnsst.org bug found by Love Fly dork:Links MOD v1. 2. 2 by phpBB2...
smf-blind.txt
SMF is a very hardened php application. If anyone wants an example of some interesting PHP security SMF is a good place to look. Even after being able to injection SQL I had to take another step and bypass some difficult filters found in the dbquery function. Ultimately i was able to do so. This...
smf-sql.txt
!/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL Injection filter. I submitted a...
BBPortalS 2.0 - Blind SQL Injection
BBPortalS BBsProcesS Remote Blind SQL Injection Exploit Bug Found And Write By Max007 Exploit Tested On V.1.5.10 And V.1.6.2 And 1.5.11 info:For The Version BBPortalS 2.0 name of field is user and password but you have to find name of table !/usr/bin/perl use LWP::UserAgent; $err=1; $www = new...
BBPortalS 2.0 - Blind SQL Injection
BBPortalS 2.0 - Blind SQL Injection BBPortalS BBsProcesS Remote Blind SQL Injection Exploit Bug Found And Write By Max007 Exploit Tested On V.1.5.10 And V.1.6.2 And 1.5.11 info:For The Version BBPortalS 2.0 name of field is user and password but you have to find name of table !/usr/bin/perl use...
BBPortalS <= 2.0 Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== BBPortalS get$sql; if!$res - content = /Warning/ print " The Current number of fields is : $err\n"; $err++; max007; else if$err=...
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
!/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL Injection filter. I submitted a...
Vanilla 1.1.3 - Blind SQL Injection
= 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's loop count default 300000\n"; echo "-...
Vanilla 1.1.3 - Blind SQL Injection
Vanilla 1.1.3 - Blind SQL Injection = 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's...
Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total Bypass of SMF's SQL...
Vanilla <= 1.1.3 Remote Blind SQL Injection Exploit
No description provided by source. ?php Vanilla = 1.1.3 Remote Blind SQL Injection Exploit By InATeam http://inattack.ru/ Requirements: MySQL = 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla = 1.1...
Simple Machines Forum (SMF) 1.1.3 - Blind SQL Injection
Simple Machines Forum SMF 1.1.3 - Blind SQL Injection !/usr/bin/perl Written By Michael Brooks contact: th3dotr00katgmaildotcom SMF 1.1.3 Extremely fast Blind SQL Injection Exploit! -Binary Search -Multi-Threaded -NO benchmark's Two SQL Injection flaws. Works with magicquotesgpc=On or Off. Total...
Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================================== Simple Machines Forum 1.1.3 Remote Blind SQL Injection Exploit ============================================================== !/usr/bin/perl Written By Michael Brooks contact:...
phpstats-multi.txt
32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175. $result=sqlquery"SELECT lastpage FROM...
Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit
No description provided by source. ?php / Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit Blind SQL Injection / Remote Code Execution P.o.C. author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://php-stats.com/downloads details..: works with magicquotesruntime = off 1 Blind SQL...
PHP-Stats 0.1.9.2 - Multiple Vulnerabilities
32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175. $result=sqlquery"SELECT lastpage FROM...
Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit
Exploit for unknown platform in category web applications ================================================== Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit ================================================== 32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106...
PHP-Stats 0.1.9.2 - Multiple Vulnerabilities
PHP-Stats 0.1.9.2 - Multiple Vulnerabilities 32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175...
MultiCart 1.0 Remote Blind SQL Injection Exploit
No description provided by source. Indonesian Newhack Security Advisory ------------------------------------ MultiCart 1.0 Remote Blind SQL Injection Waktu : Sep 30 2007 02:00AM Software : MultiCart 1.0 Vendor : http://www.iscripts.com/multicart/ Ditemukan oleh : k1tk4t | http://newhack.org Lokas...