Lucene search
K

3918 matches found

Exploit DB
Exploit DB
added 2005/03/11 12:0 a.m.43 views

phpDEV5 - Remote Default Insecure Users

------------------------------------------------------------------------ PHPDev5 Remote Insecure Default Users & Passwords vuln. By : Ali7 e-mail : [email protected] date : 09-03-2k5 greetz : all my friends ; AlkaeN ; s4a.cc boyz ; Target : PHPDev 5 URL : www.firepages.com.au -...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2005/03/11 12:0 a.m.16 views

phpDEV5 Remote Default Insecure Users Vuln

No description provided by source. ------------------------------------------------------------------------ PHPDev5 Remote Insecure Default Users & Passwords vuln. By : Ali7 e-mail : [email protected] date : 09-03-2k5 greetz : all my friends ; AlkaeN ; s4a.cc boyz ; Target : PHPDev 5 URL :...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/03/11 12:0 a.m.273 views

phpDEV5 Remote Default Insecure Users Vuln

Exploit for unknown platform in category web applications ========================================== phpDEV5 Remote Default Insecure Users Vuln ========================================== ------------------------------------------------------------------------ PHPDev5 Remote Insecure Default Users...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2005/03/01 12:0 a.m.17 views

PHPCOIN 1.2 - login.php Multiple Cross-Site Scripting Vulnerabilities

PHPCOIN 1.2 - login.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12686/info Multiple remote input-validation vulnerabilities affect phpCOIN because the application fails to properly sanitize user-supplied input before using it to carry out critical...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2005/02/22 12:0 a.m.690 views

vpasp.txt

VP-ASP Shopping Cart Version 5.0 Google style by fris Finding VP-ASP 5.00 Sites in Google: In google type: intitle:VP-ASP Shopping Cart 5.00 You will find many websites with VP-ASP 5.00 cart software installed Now lets goto the exploit the page will be like this:...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/21 12:0 a.m.96 views

Sybase SQL sa Account Blank Password

The remote Sybase SQL server has the default 'sa' account enabled without any password. An attacker may use this flaw to execute commands against the remote host as well as read database content. C Tenable Network Security, Inc. This script is based on mssqlblankpassword.nasl which is C H D Moore...

6AI score
Exploits0
securityvulns
securityvulns
added 2005/02/08 12:0 a.m.35 views

[SePro Bugtraq] SQL-Injection in PerlDesk 1.x

SQL-Injection in PerlDesk Discovered by deluxe89 and Astovidatu www.security-project.org Vendor: LogicNow Homepage: http://www.perldesk.com/ Vulnerable versions: 1.x Login required: no Description: "PerlDesk is a feature packed web based help desk and email management application designed to...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2005/02/05 12:0 a.m.43 views

[SA14124] Mambo Global Variables Security Bypass Vulnerability

TITLE: Mambo Global Variables Security Bypass Vulnerability SECUNIA ADVISORY ID: SA14124 VERIFY ADVISORY: http://secunia.com/advisories/14124/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: From remote SOFTWARE: Mambo 4.x http://secunia.com/product/872/ DESCRIPTION: A vulnerability...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/02/02 12:0 a.m.33 views

RHEL 2.1 / 3 : perl (RHSA-2005:069)

An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available. DBI is a database access Application Programming Interface API for the Perl programming language. The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an...

2.1CVSS5.4AI score0.00412EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2005/02/01 2:49 p.m.30 views

Low: Red Hat Security Advisory: perl security update

An updated perl-DBI package that fixes a temporary file flaw in DBI::ProxyServer is now available. DBI is a database access Application Programming Interface API for the Perl programming language. The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an...

2.1CVSS5.8AI score0.00412EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/01/19 12:0 a.m.19 views

phpMyWebHosting Authentication SQL Injection

The remote host is running PHPMyWebHosting, a web hosting management interface written in PHP. The remote version of this software does not perform a proper validation of user-supplied input and is, therefore, vulnerable to a SQL injection attack. An attacker may execute arbitrary SQL statements...

7.5CVSS6.1AI score0.02444EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/01/02 12:0 a.m.84 views

IBProArcade index.php Arcade Module gameid Parameter SQL Injection

The remote host is running ibProArcade, a web-based score board system written in PHP. One of the application's CGIs, index.php, is affected by a SQL injection vulnerability in the 'gameid' parameter. An attacker may exploit this flaw to execute arbitrary SQL statements against the remote databas...

7.5CVSS6.2AI score0.0133EPSS
Exploits1References2
NVD
NVD
added 2004/12/31 5:0 a.m.11 views

CVE-2004-2551

Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow remote attackers to execute arbitrary SQL commands via 1 the syscommentid parameter in editcommentenduser.asp, 2 the syssuspendid parameter in editsuspensionuser.asp, 3 the table parameter in exportdata.asp, 4 the sysanalgroup...

7.5CVSS8.3AI score0.0229EPSS
Exploits1References15
exploitpack
exploitpack
added 2004/12/14 12:0 a.m.12 views

ASP-Rider - SQL Injection

ASP-Rider - SQL Injection source: https://www.securityfocus.com/bid/11933/info A remote SQL injection vulnerability reportedly affects ASP-Rider Web blog. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in SQL queries. An attacker m...

Exploits0
Packet Storm
Packet Storm
added 2004/11/20 12:0 a.m.31 views

mp-invision.txt

SQL-injection in Invision Power Board 2.x MaxPatrol Security Advisory 11.18.04 November 18, 2004 Release Date: November 18, 2004 Date Reported: November 12, 2004 Severity: High Application: Invision Power Board v2.x Affects versions: IPB 2.0.0, IPB 2.0.1 and IPB 2.0.2. Platform: PHP I. DESCRIPTIO...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/13 12:0 a.m.26 views

bBlog rss.php p Parameter SQL Injection

The remote server runs a version of bBlog, a blogging system written in PHP and released under the GPL, which is as old as or older than version 0.7.4. The remote version of this software is affected by a SQL injection attack in the script 'rss.php'. This issue is due to a failure of the...

7.5CVSS6.4AI score0.01211EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/09/30 12:0 a.m.32 views

Computer Associates Unicenter default password

Database access password is stored in installation batch files as cleartext...

3.6AI score
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.13 views

Debian DSA-428-1 : slocate - buffer overflow

A vulnerability was discovered in slocate, a program to index and search for files, whereby a specially crafted database could overflow a heap-based buffer. This vulnerability could be exploited by a local attacker to gain the privileges of the 'slocate' group, which can access the global databas...

4.6CVSS5.5AI score0.00943EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/09/28 12:0 a.m.40 views

PD9 MegaBBS Multiple Vulnerabilities

The remote host is running MegaBBS, a web-based bulletin board system written in ASP. The remote version of this software is vulnerable to a SQL injection attack due to a lack of sanitization of user-supplied input. An attacker may exploit this flaw to issue arbitrary statements in the remote...

6.1AI score
Exploits0
exploitpack
exploitpack
added 2004/09/18 12:0 a.m.10 views

Remository - SQL Injection

Remository - SQL Injection source: https://www.securityfocus.com/bid/11219/info It is reported that the ReMOSitory module for Mambo is prone to an SQL injection vulnerability. This issue is due to a failure of the module to properly validate user supplied URI input. Because of this, a malicious...

0.1AI score
Exploits0
Rows per page
Query Builder