Elemental Software CartWIZ 1.20 - Multiple SQL Injections

Elemental Software CartWIZ 1.20 - Multiple SQL Injections source: https://www.securityfocus.com/bid/14180/info CartWIZ is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries...

UBBCentral UBB.Threads 5.5.16.x - addfav.php?main SQL Injection

UBBCentral UBB.Threads 5.5.16.x - addfav.php?main SQL Injection source: https://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful...

UBBCentral UBB.Threads 5.5.16.x - notifymod.php?Number SQL Injection

UBBCentral UBB.Threads 5.5.16.x - notifymod.php?Number SQL Injection source: https://www.securityfocus.com/bid/14052/info UBB.Threads is prone to multiple SQL injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A...

DUware DUamazon Pro 3.0/3.1 - 'productEdit.asp?iCat' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

DUware DUamazon Pro 3.0/3.1 - 'catDelete.asp?iCat' SQL Injection

source: https://www.securityfocus.com/bid/14033/info DUamazon Pro is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise ...

Early Impact ProductCart 2.6/2.7 - 'OptionFieldsEdit.asp?idccr' SQL Injection

source: https://www.securityfocus.com/bid/13881/info ProductCart is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation could result in a compromise o...

DUware DUclassmate 1.x - default.asp?iState SQL Injection

DUware DUclassmate 1.x - default.asp?iState SQL Injection source: https://www.securityfocus.com/bid/14036/info DUclassmate is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit...

JGS-Portal 3.0.13.0.2 - jgs_portal_themengraf.php?year SQL Injection

JGS-Portal 3.0.13.0.2 - jgsportalthemengraf.php?year SQL Injection source: https://www.securityfocus.com/bid/13650/info JGS-Portal is prone to multiple cross-site scripting and SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied...

Shop-Script - categoryId SQL Injection

source: https://www.securityfocus.com/bid/13633/info Shop-Script is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the...

Maxwebportal 1.3 - custom_link.asp Multiple SQL Injections

Maxwebportal 1.3 - customlink.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using ...

Maxwebportal 1.3 - dl_popular.asp SQL Injection

Maxwebportal 1.3 - dlpopular.asp SQL Injection source: https://www.securityfocus.com/bid/13466/info MaxWebPortal is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL...

Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection

Ocean12 Calendar Manager 1.0 - Admin Form SQL Injection source: https://www.securityfocus.com/bid/13279/info Ocean12 Calendar Manager is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL...

Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow

/ -------------------------------------- Microsoft Jet msjet40.dll Exploit -------------------------------------- Author: ---------- S.Pearson Computer Terrorism UK www.computerterrorism.com 11/04/2005 Credits: ---------- Hexview original advisory Tested on: ------------- Windows 2000 SP4 english...

APT-webshop 3.04.0 - modules.php Multiple SQL Injections

APT-webshop 3.04.0 - modules.php Multiple SQL Injections source: https://www.securityfocus.com/bid/17425/info APT-webshop is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL...

Active Auction House - default.asp Multiple SQL Injections

Active Auction House - default.asp Multiple SQL Injections source: https://www.securityfocus.com/bid/13032/info Active Auction House is reportedly affected by multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input befo...

eaea.class.php.txt

|| Raza Mexicana Hackers Team - http://www.raza-mexicana.org / // Just change this vars ------------------------------ $hackernick = 'hax0r'; $hackerpass = 'eaea'; $basepathurl = "/home/victim/publichtml/"; -- ending slash // ---------------------------------------------------- $body = END ?php...

ASP-Nuke 1.0/1.2/1.3 - Remote User Database Access

source: https://www.securityfocus.com/bid/9355/info A problem has been identified in ASP-Nuke when user credentials are stored on a system. Because of this, an attacker may be able to gain unauthorized access to sensitive information. http://www.example.com/db/main.mdb...

ASP-Nuke 1.01.21.3 - Remote User Database Access

ASP-Nuke 1.01.21.3 - Remote User Database Access source: https://www.securityfocus.com/bid/9355/info A problem has been identified in ASP-Nuke when user credentials are stored on a system. Because of this, an attacker may be able to gain unauthorized access to sensitive information...

sql injection in phpbb

I found a vulnerability en phpbb 2.0.5 and prior, is probably also affect 2.0.6 this bug don't affect to version 2.0.7 phpbb have a list of registereds users, when you click on a memebr of this list, you are requesting data to the database for example:...

Virtual Programming VP-ASP 5.00 - 'shopexd.asp' SQL Injection (2)

source: https://www.securityfocus.com/bid/8159/info It has been reported that VP-ASP does not sufficiently sanitize user input passed to the shopexd.asp script contained in the software. As a result, it may be possible for remote attackers to embed SQL commands which are to be passed to the...