Joomla JoomRecipe 1.0.4 SQL Injection

Exploit Title: Joomla JoomRecipe 1.0.4 Component - Blind SQL Injection Vulnerability Date: 20.07.2017 Exploit Author: Teng Vendor Homepage: http://joomboost.com/ Software Link: https://extensions.joomla.org/extensions/extension/vertical-markets/food-a-beverage/joomrecipe/ Version: 1.0.4 Platform:...

Gongwalker API Manager 1.1 Blind SQL Injection Vulnerability

Gongwalker API Manager version 1.1 suffers from a remote blind SQL injection vulnerability. Exploit Title: gongwalker API Manager v1.1 - Blind SQL Injection Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/gongwalker/ApiManager Softwa...

Emby MediaServer 3.2.5 Boolean-based Blind SQL Injection Vulnerability

Summary Emby formerly Media Browser is a media server designed to organize, play, and stream audio and video to a variety of devices. Emby is open-source, and uses a client-server model. Two comparable media servers are Plex and Windows Media Center. Description Emby suffers from a blind SQL...

NewsBee CMS - SQL Injection

NewsBee CMS - SQL Injection Exploit Title: NewsBee CMS – SQL Injection Date: 06.02.2017 Software Link: https://codecanyon.net/item/newsbee-fully-featured-news-cms-with-bootstrasp-php-mysql/19404937?srank=2 Exploit Author: Kaan KAMIS Contact: iletisimatk2andotcom Website: http://k2an.com Category:...

phpWebAdmin 1.0 SQL Injection Vulnerability

phpWebAdmin version 1.0 suffers from a remote SQL injection vulnerability. !/usr/bin/perl -w phpWebAdmin Version 1.0 SQL Injection Proof Of Concept Exploit =============================================================== Discovered by NA , NAattutanota.com ========================================...

OpenCimetiere 3.0.0-a5 Blind SQL Injection

Exploit Title: OpenCimetiere v3.0.0-a5 | Blind SQL Injection Date: 06/08/16 Exploit Author: Wad Deek Vendor Homepage: http://www.openmairie.org/ Software Link: http://www.openmairie.org/catalogue/opencimetiere/ Version: 3.0.0-a5 +3.0.0-a5 /opencimetiere/HISTORY.txt Tested on: Xampp with PostgreSQ...

Sql injection

Blind SQL Injection in filedownload v1.4 wordpress plugin...

Sql injection

Blind SQL Injection in wordpress plugin dukapress v2.5.9...

PHP Classifieds Rental Script - Blind SQL Injection

PHP Classifieds Rental Script - Blind SQL Injection x========================================================================================================================================x | Title : PHP Classifieds Rental Script Blind SQL Vulnerabilities | Software : PHP Classifieds Rental Scri...

Nexthon Whois Website Value Calculator 1.5 SQL Injection

======================================================================== | Title : Nexthon Whois Website Value Calculator 1.5 Blind Sql injection | Author : indoushka | email : [email protected] | Tested on : windows 8.1 FranASSais V.Pro | Version : v1.5 | Vendor :...

Ktools Photostore 4.7.5 - Blind SQL Injection

No description provided by source...

Gongwalker API Manager 1.1 - Blind SQL Injection

Exploit for php platform in category web applications gongwalker API Manager v1.1 - Blind SQL Injection Exploit Title: gongwalker API Manager v1.1 - Blind SQL Injection Date: 2016-01-25 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage:...

Pligg CMS 2.0.2 - Multiple SQL Injections

Pligg CMS 2.0.2 - Multiple SQL Injections Security Advisory - Curesec Research Team 1. Introduction Affected Product: Pligg CMS 2.0.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: http://pligg.com/ Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor:...

Mail.ru: Time-Based Blind SQL Injection Attacks

Здравствуйте, на сайте http://jh.my.com/forum/ajax/render/memberlistitems обнаружена blind sql. При отправке в POST-запросе : criteriastartwith=ifnow=sysdate,sleep0,0/"XORifnow=sysdate,sleep0,0OR"/ Сервер будет отрабатывать заданное время. Прикрепляю скрин...

ManageEngine Password Manager Pro 6.5 < 7.1 Build 7105 Blind SQL Injection

The remote host is running a version of ManageEngine Password Manager Pro between 6.5 inclusive and 7.1 Build 7105. It is, therefore, affected by a blind SQL injection vulnerability due to a failure to validate the 'SEARCHALL' parameter. %NASLMINLEVEL 70300 C Tenable, Inc...

WordPress Photo Gallery Blind SQL injection Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

Phase botnet blind SQL injection vulnerability

Get Phase botnet login information via blind SQL injection. Usage Info php pwn.php ?php // Panel.zip hash: c49c74a609b24284a0a66fc008c4d8f2 // Start with PHP CLI php pwn.php settimelimit0; // Adjust this : define'SLEEPTIME', '4'; define'PAGETIME', 4; define'URL', 'http://localhost/Phase/';...

CMS VIA-X SQL Injection

Blind Sql Injection on CMS VIA-X + Date: 23/07/2014 + CWE Number : CWE-89 + Risk: High + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.viax.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: ultimasnoticias.php + Dork :...

Parodia 6.8 employer-profile.asp SQL Injection

No description provided by source. Exploit Title: Parodia 6.8 and early SQL injection Date: June 24 2012 Exploit Author:Carlos Mario Penagos Hollmann Vendor Homepage: http://www.parodia.net/ Version: 6.8 CVE : CVE-2011-2751 http://server/' --- blind SQL http://server/agencyprofile.asp?AGID='...

Joomla Component com_extcalendar Blind SQL Injection Vulnerability

No description provided by source. 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 Joomla Component comextcalendar Blind SQL Injection Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 Date: 20/08/2010 0 Author : Lagripe-Dz 1 contact :...