18 matches found
Ubiquiti Inc.: XW 6.2.0 firmware: 5 Reflected XSS issues in link.cgi
AirMax XW.v6.2.0 multiple end-points with parameters vulnerable to reflected cross site scripting XSS, allowing attackers to abuse the user' session information and/or account takeover of the admin user. These vulnerabilities were found on AirMax AirMax AirOS v6.2.0 and prior versions for TI, XW...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
No description provided by source. ?php quoted from rgod 1if magic quotes off - SQL Injection: /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have trouble...
Cyphor 0.19 lostpwd.php nick Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15047/info Cyphor is prone to multiple cross-site scripting and SQL injection vulnerabilities. Exploitation could allow for theft of cookie-based authentication credentials or unauthorized access to database data. Other...
versatileBulletinBoard V1.0.0 RC2 (possibly prior versions) multiple SQL injection vulnerabilities / login bypass / board takeover
Software: ZeroBlog Vendor: http://www.sothq.net Version: 1.2a , 1.1f Bug: XSS Exploitation: Remote --------------------------- Introduction: Zeroblog: Feature ritch weblog, d-board, live webcam option, and requires 3th party software, calendar, poll system, photogallery, smileys, search engine, 8...
versatileBulletinBoard 1.00 RC2 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== versatileBulletinBoard 1.00 RC2 board takeover SQL Injection Exploit ====================================================================== ?php --- versatilexpl.php 4....
versatileBulletinBoard 1.00 RC2 - Board Takeover (SQL Injection)
?php --- versatilexpl.php 4.08 11/10/2005 versatileBulletinBoard 1.00 RC2 possibly prior versions SQL injection / board takeover this exploit describes the vulnerability described here: http://rgod.altervista.org/versatile100RC2.html with a change: with magicquotes both on or off, you can reset...
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting
Cyphor 0.19 SQL Injection / Board takeover / cross site scripting 1if magic quotes off - SQL Injection: by "Forgot your password?" feature you can send yourself a new admin password and reset it, poc: email: youremail nick: 'or'X'='X soon, you will receive an email like this: You have registered...
Cyphor 0.19 - Board Takeover (SQL Injection)
SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals = on...
Cyphor 0.19 - Board Takeover (SQL Injection)
Cyphor 0.19 - Board Takeover SQL Injection SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
No description provided by source. ?php quoted from rgod "1if magic quotes off - SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...
Cyphor <= 0.19 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ===================================================== Cyphor SQL Injection:" /str0ke --- cyphor019xpl.php 7.36 08/10/2005 Cyphor 0.19 possibly prior versions SQL injection / board takeover by rgod make these changes in php.ini if you have...
maildisgust.txt
MailGust 1.9 SQL injection / board takevor software: site: http://www.mailgust.org/ description: Mailgust is three softwares in one: Mailing list manager Newsletter distribution tool Message Board Mailgust is written in php and uses a mysql database. vulnerability: if magic quotes off - SQL...
PhpMyFAQ 1.5.1 multiple vulnerabilities
2.31 23/09/2005 PhpMyFaq 1.5.1 SQL injection / board takeover / user info disclosure / path disclosure remote code / commands execution software: site: http://www.phpmyfaq.de/ description: "phpMyFAQ is a multilingual, completely database-driven FAQ-system. It supports various databases to store a...
MailGust 1.9 - Board Takeover (SQL Injection)
MailGust 1.9 - Board Takeover SQL Injection ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
No description provided by source. ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
MailGust <= 1.9 (board takeover) SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================== MailGust = 1.9 board takeover SQL Injection Exploit ====================================================== ?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / boa...
MailGust 1.9 - Board Takeover (SQL Injection)
?php mailgustxpl.php MailGust 1.9 possibly prior versions SQL Injection / board takeover poc exploit with generic HTTP proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = on registerglobals =...