18 matches found
Ubiquiti Inc.: XW 6.2.0 firmware: 5 Reflected XSS issues in link.cgi
AirMax XW.v6.2.0 multiple end-points with parameters vulnerable to reflected cross site scripting XSS, allowing attackers to abuse the user' session information and/or account takeover of the admin user. These vulnerabilities were found on AirMax AirMax AirOS v6.2.0 and prior versions for TI, XW...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
No description provided by source. ?php quoted from rgod 1if magic quotes off - SQL Injection: /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have trouble...
Cyphor 0.19 lostpwd.php nick Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15047/info Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data. Other...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
versatileBulletinBoard V1.0.0 RC2 (possibly prior versions) multiple SQL injection vulnerabilities / login bypass / board takeover
Software: ZeroBlog Vendor: http://www.sothq.net Version: 1.2a , 1.1f Bug: XSS Exploitation: Remote --------------------------- Introduction: Zeroblog: Feature ritch weblog, d-board, live webcam option, and requires 3th party software, calendar, poll system, photogallery, smileys, search engine, 8...
versatileBulletinBoard 1.00 RC2 - Board Takeover (SQL Injection)
?php --- versatilexpl.php 4.08 11/10/2005 versatileBulletinBoard 1.00 RC2 possibly prior versions SQL injection / board takeover this exploit describes the vulnerability described here: http://rgod.altervista.org/versatile100RC2.html with a change: with magicquotes both on or off, you can reset...
versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== versatileBulletinBoard 1.00 RC2 board takeover SQL Injection Exploit ====================================================================== ?php --- versatilexpl.php 4....
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting 1if magic quotes off - SQL Injection: by "Forgot your password?" feature you can send yourself a new admin password and reset it, poc: email: youremail nick: 'or'X'='X soon, you will receive an email like this: You have registered...
Cyphor 0.19 - Board Takeover (SQL Injection)
SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals = on...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
No description provided by source. ?php quoted from rgod "1if magic quotes off - SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...
Cyphor 0.19 - Board Takeover (SQL Injection)
Cyphor 0.19 - Board Takeover SQL Injection SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ===================================================== Cyphor SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod make these changes in php.ini if you have...
maildisgust.txt
MailGust 1.9 SQL injection / board takevor software: site: http://www.mailgust.org/ description: Mailgust is three softwares in one: Mailing list manager Newsletter distribution tool Message Board Mailgust is written in php and uses a mysql database. vulnerability: if magic quotes off - SQL...
PhpMyFAQ 1.5.1 multiple vulnerabilities
2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...
MailGust 1.9 - Board Takeover (SQL Injection)
?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals =...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================== MailGust = 1.9 board takeover SQL Injection Exploit ====================================================== ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / boa...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
MailGust 1.9 - Board Takeover (SQL Injection)
MailGust 1.9 - Board Takeover SQL Injection ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...