Lucene search
+L

70 matches found

prion
prion
added 2012/07/26 10:55 p.m.24 views

Code injection

AirDroid 1.0.4 beta uses the MD5 algorithm for values in the checklogin key parameter and 7bb cookie, which makes it easier for remote attackers to obtain cleartext data by sniffing the local wireless network and then conducting a 1 brute-force attack or 2 rainbow-table attack...

5CVSS6.9AI score0.01264EPSS
Exploits1References2Affected Software1
myhack58
myhack58
added 2011/04/26 12:0 a.m.21 views

phpstcms (STCMS music system) to bypass the backend authentication method-vulnerability warning-the black bar safety net

Published author: the mind Vulnerability type: background verification Vulnerability analysis: a music system-0-in! Throw in the hard disk is also equal to moldy, classic white look at the code. Vulnerability exists in“common.inc.php”file, as follows. phpstcms STCMS music system to bypass the...

0.3AI score
Exploits0
prion
prion
added 2010/03/18 6:30 p.m.11 views

Sql injection

SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

6.8CVSS9.1AI score0.01957EPSS
Exploits1References4Affected Software1
cvelist
cvelist
added 2010/03/18 6:0 p.m.22 views

CVE-2009-4722

SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...

8.3AI score0.01957EPSS
Exploits1References4
exploitdb
exploitdb
added 2009/07/27 12:0 a.m.31 views

Limny 1.01 - Authentication Bypass

Limny 1.01 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Script Homepage : http://www.limny-project.com/ + SQL Injection Vulnerability - Notes : magicquotesgpc = off - Vulnerable code in includes/functions.php...

7.4AI score
Exploits0
packetstorm
packetstorm
added 2007/05/21 12:0 a.m.56 views

tsp-admin.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally 1 works for the 'admin' nickname password: The PWD you want ...

7.4AI score
Exploits0
zdt
zdt
added 2006/07/07 12:0 a.m.320 views

Pivot <= 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit

Exploit for unknown platform in category web applications ===================================================================== Pivot = 1.30 RC2 Privileges Escalation/Remote Code Execution Exploit ===================================================================== !/usr/bin/php -q -d...

7.1AI score
Exploits0
exploitdb
exploitdb
added 2006/07/07 12:0 a.m.44 views

Pivot 1.30 RC2 - Privilege Escalation / Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? echo "Pivot = 1.30 RC2 privileges escalation / remote commands execution exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dorks: "Powered byPivot"\n"; echo "version specific: "Powered byPivot - 1.30 RC2"...

7.4AI score
Exploits0
cve
cve
added 2005/05/10 4:0 a.m.47 views

CVE-2004-1993

The CVE-2004-1993 issue affects omail webmail 0.98.5 and stems from an incomplete patch to the checklogin function in omail.pl, which allows remote attackers to run arbitrary commands via shell metacharacters such as backticks in the password. NVD lists a CVSS2 base score of 10.0 (NETWORK, LOW co...

10CVSS8.1AI score0.0473EPSS
Exploits0References4Affected Software1
cvelist
cvelist
added 2005/05/10 4:0 a.m.17 views

CVE-2004-1993

The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "" backticks in the password...

7.7AI score0.0473EPSS
Exploits0References4
Rows per page
Query Builder