486 matches found
DeluxeBB 1.0 misc.php uid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/14851/info DeluxeBB is prone to multiple SQL injection vulnerabilities. These are due to a lack of proper sanitization of user-supplied input before being sent to SQL queries. Successful exploitation could result in a...
KLINK SQL Injection Vulnerability
No description provided by source. Andr?s G?mez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andr?s G?mez Software Developed by : http://www.contacto.comhttp://www.contacto.com.com/ Contact : [email protected] Dork : allinurl:.php?txtCodiInfo= An attacker m...
GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities
No description provided by source. Title: ====== GENU CMS 2012.3 - Multiple SQL Injection Vulnerabilities Date: ===== 2012-04-30 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=538 VL-ID: ===== 538 Introduction: ============= GENU is a Content Management System written...
Randshop Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/15599/info Randshop is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
LiSK CMS 4.4 - SQL Injection Vulnerability
No description provided by source. Vulnerability ID: HTB22373 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinliskcms1.html Product: LiSK CMS Vendor: Createch-group Vulnerable Version: 4.4 Vendor Notification: 06 May 2010 Vulnerability Type: SQL Injection Status: Not Fixed,...
Joomla! 'com_mygallery' Component - 'cid' Parameter SQL Injection Vulnerability
No description provided by source. Bugtraq ID: 37121 Class: Input Validation Error Published: Feb 21 2008 12:00AM Updated: Nov 24 2009 10:15PM Credit: S@BUN Vulnerable: Joomla commygallery 0 The 'commygallery' component for Joomla! is prone to an SQL-injection vulnerability because it fails to...
Phenotype CMS 3.0 - SQL Injection
No description provided by source. Vulnerability ID: HTB22769 Reference: http://www.htbridge.ch/advisory/sqlinjectioninphenotypecms.html Product: Phenotype CMS Vendor: http://www.phenotype-cms.com http://www.phenotype-cms.com Vulnerable Version: 3.0 Vendor Notification: 21 December 2010...
Oracle Database Server 8.1.7/9.0.x ctxsys.driload Access Validation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11099/info Oracle Database Server is prone to an access validation vulnerability that may permit unprivileged users to execute commands as the DBA. This could compromise the database. SQL exec ctxsys.driload.validatestmt...
Noah's Classifieds 1.2/1.3 Index.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14833/info Noah's Classifieds is prone to an SQL injection vulnerability. This is due to a lack of proper sanitization of user-supplied input before using it in an SQL query. Successful exploitation could result in a...
ezDatabase 2.1.2 index.php db_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15908/info ezDatabase is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. ezDatabase is prone to an SQL injection...
PT-2014-21: Multiple SQL injection vulnerabilities in Wonderware Information Server
The specialists of the Positive Research center have detected multiple SQL injection vulnerabilities in Wonderware Information Server. WIS is vulnerable to SQL Injection vulnerabilities by performing database operations that were unintended by the web application designer and, in some instances,...
Z-Blog php Edition front regular SQL blind injection vulnerability-vulnerability warning-the black bar safety net
Brief description: The second...also a bit puzzled want to ask your developer Detailed description: The problem /zbsystem/function/csystemcommon.php function GetVars$name,$type='REQUEST' if $type=='ENV' $array=&$ENV; if $type=='GET' $array=&$GET; if $type=='POST' $array=&$POST; if $type=='COOKIE'...
[ISecAuditors Security Advisories] PL/SQL Injection in Oracle Portal Demo Organization Chart
============================================= INTERNET SECURITY AUDITORS ALERT 2012-001 - Original release date: November 8th, 2012 - Last revised: March 20th, 2013 - Discovered by: Manuel Garcia Cardenas - Severity: 7,1/10 CVSS Base Score - CVE-ID: CVE-2013-3831...
GTX CMS 2013 Optima - Multiple Web Vulnerabilities
Document Title: =============== GTX CMS 2013 Optima - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1124 Release Date: ============= 2013-10-29 Vulnerability Laboratory ID VL-ID: ==================================== 1124...
XAMPP for Windows 1.8.2 - Blind SQL Injection
Exploit Title: XAMPP for Windows 1.8.2 Blind Sql Injection Date: 2013/10/28 Exploit Author: Sebastián Magof Vendor Homepage: apachefriends.org Software Link: apachefriends.org/en/xampp-windows.html Version:1.8.2/1.7.7 Tested on: Windows Twitter: @smagof Greetz: Family, Friends && Under guys;...
elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities
Title: ====== elproLOG MONITOR WebAccess 2.1 - Multiple Vulnerabilities Date: ===== 2013-09-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1086 VL-ID: ===== 1086 Common Vulnerability Scoring System: ==================================== 6.7 Introduction: ============...
Timor friends P2P lending system arbitrary file read vulnerability-vulnerability warning-the black bar safety net
Using this system site the back plus the index. php? plugins&q=imgurl&url=QGltZ3VybEAvY29yZS9jb21tb24uaW5jlnboca== Can broke database related information...
Millions of Phonebook records stolen from Truecaller Database
TrueCaller, a popular app built by a Swedish company and world's largest collaborative phone directory compromised by Syrian Electronic Army hackers. Truecaller was running an outdated version 3.5.1 of blogging software WordPress for its web interface and there are millions of Phonebook records...
Habbomobile / Sulake Blind SQL Injection
============================================ Habbomobile-SULAKE- Social Network Blind SQLInjection ============================================= I. VULNERABILITY ------------------------- Habbomobile.com/sulake.com Blind SQLInjection Author:Juan Carlos García Affected items /careers/ /press/award...
Paypal Bug Bounty #52 - SQL Injection Web Vulnerability
Document Title: =============== Paypal Bug Bounty 52 - SQL Injection Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=822 PayPal Security UID: qcm1fe0emw Release Date: ============= 2013-04-02 Vulnerability Laboratory ID VL-ID:...