Joomla! 1.5.x - SQL Error Information Disclosure

source: https://www.securityfocus.com/bid/44674/info Joomla! is prone to an information-disclosure vulnerability due to an SQL error. Exploiting this issue can allow attackers to gain access to sensitive information contained in the application's database. Successful exploits may lead to other...

Real Estate Broker(in ISRAEL) <= Remote SQL Injection Vulnerability

Exploit for php platform in category web applications =================================================================== Real Estate Brokerin ISRAEL Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.co...

ndCMS - SQL Injection

ndCMS - SQL Injection ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-27-ndcms-sql-injection-vulnerability/ ''' Abysssec Inc Public Advisory Title : ndCMS Sql Injection Vulnerability Affected...

CVE-2010-2772

Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568...

PT-2010-4286

Name of the Vulnerable Software and Affected Versions Siemens Simatic WinCC and PCS 7 SCADA system affected versions not specified Description The issue concerns a hard-coded password in the system, allowing local users to access a back-end database and gain privileges. This has been demonstrated...

SQL injection vulnerability in CMSQLite

Vulnerability ID: HTB22462 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityincmsqlite1.html Product: CMSQLite Vendor: CMSQLite-Team Vulnerable Version: 1.3 and Probably Prior Versions Vendor Notification: 29 June 2010 Vulnerability Type: SQL Injection Status: Not Fixed, Vendor...

Uphotogallery Server SQL Injection Vulnerabilty

Exploit for asp platform in category web applications =============================================== Uphotogallery Server SQL Injection Vulnerabilty =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 ...

Gekko CMS SQL Injection

/ \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Gekko CMS SQL Injection Vulnerability Discovered By 0iZy5 http://r00tDefaced.com Greetz: sHoKeD-bYte,...

Gekko CMS - SQL Injection

/ \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Gekko CMS SQL Injection Vulnerability Discovered By 0iZy5 http://r00tDefaced.com Greetz: sHoKeD-bYte,...

BlaherTech Placeto CMS - Username SQL Injection

BlaherTech Placeto CMS - Username SQL Injection source: https://www.securityfocus.com/bid/41190/info BlaherTech Placeto CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...

CMS IneDuCom SQL Injection

Exploit Title: SQLi to CMS IneDuCom ================================================================ Websites designed or CMS provided by HYM is vulnerable to sqli. HYM is from 1998, they provide services in online tech and software.They provide CMS and Rankstinger...

eFront 3.x - &#039;ask_chat.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/40032/info eFront is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, ...

XT-Commerce v1 Beta 1 permission to bypass the Modify download backup vulnerability-vulnerability warning-the black bar safety net

Premiere: the Red section of the network security Author: Amxking Submitted to: indoushka Vulnerability program: XT-Commerce v1 Beta 1 Affected version: v1 Beta 1 Risk level: medium Vulnerability description: Amxking:the vulnerability is I and the foreign Avengers team communication time obtained...

Excitemedia CMS - SQL Injection

Excitemedia CMS - SQL Injection !/usr/bin/perl -w Excitemedia CMS Sql injection vulnerability + Author : Dr.0rYX AND Cr3W-DZ + Greetz : HIS0K4 - claw and all the other friends + inurl:”galleryimage.php?imageid=” + Vendor: http://www.excitemedia.com.au + sell script with host print "\t\t|...

CVE-2009-4799

Diskos CMS 6.x stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for 1 artiklerprod.mdb or 2 medlemmer.mdb...

PhpMesFilms 1.8 - SQL Injection

PhpMesFilms 1.8 - SQL Injection ======================================================================================== | Title : PhpMesFilms 1.8 SQL Injection Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Tested on: windows SP2 Français V.Pnx2...

ms-sql-hasdbaccess NSE Script

Queries Microsoft SQL Server ms-sql instances for a list of databases a user has access to. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or...

ms-sql-tables NSE Script

Queries Microsoft SQL Server ms-sql for a list of tables per database. SQL Server credentials required: Yes use ms-sql-brute, ms-sql-empty-password and/or mssql.username & mssql.password Run criteria: Host script: Will run if the mssql.instance-all, mssql.instance-name or mssql.instance-port scri...

CVE-2010-1065

Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/lebisoft.mdb...

Uebimiau Webmail v3.2.0-2.0 | Email Disclosure Vulnerability

Exploit for unknown platform in category web applications ============================================================ Uebimiau Webmail v3.2.0-2.0 | Email Disclosure Vulnerability ============================================================ Exploit Title: Uebimiau Webmail v3.2.0-2.0 | Email...