OpenSupports 2.0 - Blind SQL Injection

Exploit for php platform in category web applications This vulnerability affects /support/login.php emailcorreoelectronico=select0fromselectsleep0v/'%2bselect0fromselectsleep0v%2b'%22%2bselect0fromselectsleep0v%2b%22/&pass=g00dPa%24%24w0rD&Submit2=Login This vulnerability affects...

OpenSupports 2.0 - Blind SQL Injection

Open Support Blind SQL Injection v2.0 Vulnerability =================================================== Author indoushka ================= vendor :http://www.opensupports.com/files/Opensupportsv2EN.rar ================= Dork : Power by OpenSupports © 2009 - 2014. All Rights reserved This...

Church Edit - Blind SQL Injection

Church Edit - Blind SQL Injection Exploit Title: Church Edit Blind SQL Injection Google Dork: inurl:This website is powered by Church Edit Date: 15/3/2013 Exploit Author: ThatIcyChill Vendor Homepage: http://www.churchedit.co.uk/ Version: Initial Release...

Church Edit - Blind SQL Injection

Exploit Title: Church Edit Blind SQL Injection Google Dork: inurl:This website is powered by Church Edit Date: 15/3/2013 Exploit Author: ThatIcyChill Vendor Homepage: http://www.churchedit.co.uk/ Version: Initial Release �������������������������������������������������������������������� The fil...

Synology DSM 4.3-3827 (article.php) - Blind SQL Injection Vulnerability

Synology DSM versions 4.3-3827 and below suffer from a remote blind SQL injection vulnerability. Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64...

Synology DSM 4.3-3827 - article.php Blind SQL Injection

Synology DSM 4.3-3827 - article.php Blind SQL Injection Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko...

Synology DSM 4.3-3827 - 'article.php' Blind SQL Injection

Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko Chrome/28.0.1500.63 Safari/537.36 Accept: /...

Synology DSM 4.3-3827 Blind SQL Injection

Title: Synology DSM Blind SQL Injection Version affected: :80/ Cookie: PHPSESSID=; visitday= Host: Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64 AppleWebKit/537.36 KHTML, like Gecko Chrome/28.0.1500.63 Safari/537.36 Accept: /...

LuxCal 3.2.2 - Cross-Site Request Forgery Blind SQL Injection

LuxCal 3.2.2 - Cross-Site Request Forgery Blind SQL Injection + Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor: http://www.luxsoft.eu/ + Friend...

LuxCal 3.2.2 - Cross-Site Request Forgery / Blind SQL Injection

Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor: http://www.luxsoft.eu/ + Friendly Sites: na3il.com,th3-creative.com + Twitter: @TCYB3R...

PicsEngine 2 Beta Cross Site Scripting / SQL Injection

PicsEngine Application error message Vulnerability ================================================== Author indoushka ================================================== vendor : Powered by PicsEngine 2 Beta ================================================== Blind SQL Injection :...

LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities

LuxCal v3.2.2 suffers from a CSRF and Blind SQL Injection Vulnerabilities. + Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor:...

Oracle Demantra 12.2.1 - SQL Injection Vulnerability

Exploit for windows platform in category web applications Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including...

Oracle Demantra 12.2.1 - SQL Injection

Oracle Demantra 12.2.1 - SQL Injection Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including but not limited to...

Oracle Demantra 12.2.1 - SQL Injection

Details: Application is vulnerable to SQL injection. Impact: An attacker with access to the vulnerable pages could manipulate the queries being sent to the database, potentially enabling them to: - Extract sensitive information, including but not limited to authentication credentials and personal...

GDL 4.2 - Multiple Vulnerabilities

GDL 4.2 - Multiple Vulnerabilities - Title : GDL 4.2 Multiple Vulnerabilities - Down. Script : http://kmrg.itb.ac.id/ - http://kmrg.itb.ac.id/gdl42.zip - Author : ByEge - Home : http://byege.blogspot.com.tr/ - Tested : Apache/2.2.22 Win32 PHP/5.4.3 - Date : 26/02/2014 - Google Dork : "Powered by...

Tableau Server 8.0.7 8.1.2 - Blind SQL Injection

Tableau Server 8.0.7 8.1.2 - Blind SQL Injection Trustwave's SpiderLabs Security Advisory TWSL2014-003: Blind SQL Injection Vulnerability in Tableau Server Published: 02/07/14 Version: 1.1 Vendor: Tableau Software http://www.tableausoftware.com Product: Tableau Server Versions affected: 8.1.X...

Tableau Server - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications Blind SQL Injection Vulnerability in Tableau Server Published: 02/07/14 Version: 1.1 Vendor: Tableau Software http://www.tableausoftware.com Product: Tableau Server Versions affected: 8.1.X before 8.1.2 and 8.0.X before 8.0.7. Not present in...

Tableau Server < 8.0.7 / < 8.1.2 - Blind SQL Injection

Trustwave's SpiderLabs Security Advisory TWSL2014-003: Blind SQL Injection Vulnerability in Tableau Server Published: 02/07/14 Version: 1.1 Vendor: Tableau Software http://www.tableausoftware.com Product: Tableau Server Versions affected: 8.1.X before 8.1.2 and 8.0.X before 8.0.7. Not present in...

Automated NoSQL Database Injection Attacks: NoSQLMap

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases as well as web applications using NoSQL in order to disclose data from the database. It is named as a tribute to Bernardo Damele and...