Cells Blog 3.3 - Reflected Cross-Site Scripting / Blind SQLite Injection

Exploit: Cells v3.3 XSS Reflected & Blind SQLite Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + version: Cells Blog 3.3 + Vendor Homepage: http://cells.tw + 14/01/2014 vendor contacted + 17/01/2014 no response from vendor + 20/01/2014 no response from vendor +...

CMS Afroditi 1.0 Blind SQL Injection

Exploit Title: CMS Afroditi v.1.0 Blind SQL Injection Date: 30/12/2013 Exploit Author: projectzero labs Vendor Homepage: http://www.naxtech.com Vendor Informed: 20 & 24/12/2013 Software Demo: http://afroditi.naxtech.com Version: v.1.0 About the software: =================== Αs indicated in the...

InstantCMS 1.10.3 - Blind SQL Injection

Exploit for windows platform in category web applications Advisory Details: High-Tech Bridge Security Research Lab discovered blind SQL injection vulnerability in InstantCMS, which can be exploited to perform SQL Injection attacks, alter SQL requests and compromise vulnerable application. 1 SQL...

iScripts Multicart SQL Injection

Iscripts multicart Multiple vulnerabilities Author : i-Hmx [email protected] sec4ever.com - Vendor have been contacted since 2 years for more than 20 times and he don't give ashit @ all :/ I.Sql Injection Vulns /getProductOptionDetailsAjax.php For Table name Post productoptionid=i-Hmx'/!1337union...

Osclass 3.3 Cross Site Request Forgery / SQL Injection / Traversal

=-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah The Mercifull-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Vendor: http://osclass.org + Software:Osclass + Version : 3.3 author: R3d-D3v!L + TEAM: ABH ? contact: Xathotmail.co.jp - ? Date: 14.d3c.2ol3 ? T!ME: 04:54 am GMT ? Home: soon ^ ?...

CVE-2013-5694 Blind SQL Injection in Ops View

CVE-2013-5694 Blind SQL Injection in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Blind SQL Injection in OpsView Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND Opsview is a systems management software built on ope...

RedAxScript 1.1 SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

appRain 3.0.2 - Blind SQL Injection

appRain 3.0.2 - Blind SQL Injection Advisory ID: HTB23177 Product: appRain Vendor: appRain Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: October 9, 2013 without technical details Vendor Notification: October 9, 2013 Public Disclosure: November 6, 2013...

appRain 3.0.2 - Blind SQL Injection

Advisory ID: HTB23177 Product: appRain Vendor: appRain Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: October 9, 2013 without technical details Vendor Notification: October 9, 2013 Public Disclosure: November 6, 2013 Vulnerability Type: SQL Injection...

Opsview pre 4.4.1 - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications CVE-2013-5694 Blind SQL Injection in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Blind SQL Injection in OpsView Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND...

Opsview pre 4.4.1 - Blind SQL Injection

Opsview pre 4.4.1 - Blind SQL Injection CVE-2013-5694 Blind SQL Injection in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Blind SQL Injection in OpsView Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND Opsview is a...

Opsview pre 4.4.1 - Blind SQL Injection

CVE-2013-5694 Blind SQL Injection in Ops View Versions: Opsview pre 4.4.1 Author: J. Oquendo joquendo at e-fensive dot net I. ADVISORY Title: Blind SQL Injection in OpsView Date published: 2013-10-28 Vendor contacted: 2013-09-04 II. BACKGROUND Opsview is a systems management software built on ope...

XAMPP for Windows 1.8.2 - Blind SQL Injection

XAMPP for Windows 1.8.2 - Blind SQL Injection Exploit Title: XAMPP for Windows 1.8.2 Blind Sql Injection Date: 2013/10/28 Exploit Author: Sebastián Magof Vendor Homepage: apachefriends.org Software Link: apachefriends.org/en/xampp-windows.html Version:1.8.2/1.7.7 Tested on: Windows Twitter: @smag...

XAMPP for Windows 1.8.2 - Blind SQL Injection

Exploit Title: XAMPP for Windows 1.8.2 Blind Sql Injection Date: 2013/10/28 Exploit Author: Sebastián Magof Vendor Homepage: apachefriends.org Software Link: apachefriends.org/en/xampp-windows.html Version:1.8.2/1.7.7 Tested on: Windows Twitter: @smagof Greetz: Family, Friends && Under guys;...

cmseasy盲注漏洞

简要描述： cmseasy盲注漏洞 详细说明： 出错的是一个通用函数，所以注入不只一处，在这里就用能够相对简单利用的来写。 lib/default/ballotact.php function indexaction if front::post'submit' if !front::post'ballot' front::alertlang'Pleaseselectvote'; return false; / if config::get'checkip' $time=cookie::get'vttime'; if time -$time recupdate$data,$where;...

Wordpress WP Realty Plugin - Blind SQL Injection Vulnerability

Exploit for php platform in category web applications $$$$$$\ $$\ $$\ $$$$$$\ $$ $$\ $$ | $$ | $$ $$\ $$ / | $$ | $$ | $$ / | $$ |$$$$\ $$$$$$$$ | $$$$$$\ $$ |$$ | $$ $$ | $$\ $$ | $$ | $$ | $$ | $$\ $$ | $$$$$$ |$$\ $$ | $$ |$$\$$$$$$ | / || ||/ Exploit Title: Wordpress - wp-realty -...

WordPress WP Realty Blind SQL Injection

$$$$$$\ $$\ $$\ $$$$$$\ $$ $$\ $$ | $$ | $$ $$\ $$ / | $$ | $$ | $$ / | $$ |$$$$\ $$$$$$$$ | $$$$$$\ $$ |$$ | $$ $$ | $$\ $$ | $$ | $$ | $$ | $$\ $$ | $$$$$$ |$$\ $$ | $$ |$$\$$$$$$ | / || ||/ Exploit Title: Wordpress - wp-realty - MySQL Time Based Injection Google Dork:...

WordPress Plugin Realty - Blind SQL Injection

WordPress Plugin Realty - Blind SQL Injection $$$$$$\ $$\ $$\ $$$$$$\ $$ $$\ $$ | $$ | $$ $$\ $$ / | $$ | $$ | $$ / | $$ |$$$$\ $$$$$$$$ | $$$$$$\ $$ |$$ | $$ $$ | $$\ $$ | $$ | $$ | $$ | $$\ $$ | $$$$$$ |$$\ $$ | $$ |$$\$$$$$$ | / || ||/ Exploit Title: Wordpress - wp-realty - MySQL...

Imperva SecureSphere Web Application Firewall MX Blind SQL Injection

Imperva SecureSphere WAF MX version 9.5.6 suffers from a remote blind SQL injection vulnerability. Blind SQL Injection to Imperva SecureSphere Web Application Firewall MX ======================================================================= ADVISORY INFORMATION Title: Blind SQL Injection on...

Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection

The management console of Imperva WAF allows an authenticated user having the only privilege to view lookup dataset, to perform a privilege escalation, and extract through a blind sql injection, the MD5 hash of Administrator's account on the console. Blind SQL Injection to Imperva SecureSphere We...