LinksPro - 'OrderDirection' SQL Injection

source: https://www.securityfocus.com/bid/33305/info LinksPro is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

PT-2009-36: Neo CMS SQL Injection Vulnerability

Neo CMS is a content management system CMS software, usually implemented as a Web application, for creating and managing HTML content. It is used to manage and control a large, dynamic collection of Web material HTML documents and their associated images. Vulnerability Description Positive...

U&M Software JustBookIt 1.0 Auth Bypass Vulnerability

No description provided by source. ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || ==============================================================================...

msn-sql.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

phpWebSite 0.9.3 - links.php SQL Injection

phpWebSite 0.9.3 - links.php SQL Injection source: https://www.securityfocus.com/bid/32011/info phpWebSite is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

persianbb-sql.txt

| | | PersianBB iranianmusic.php id Remote SQL Injection Vulnerability | | |---------------- Hussin X ------------------ | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | script : http://www.persianbb.com/ | | DorK : Powered By : PersianBB.com | Exploit:...

intel-sql.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

Absolute Poll Manager XE 4.1 (xlacomments.php) SQL Injection Vulnerability

No description provided by source. Author : Hakxer Home : Www.educ-up.com Type Gap : Sql injection --MSSQL Injection-- script : Absolute Poll Manager XE see script http://www.xigla.com/absolutepm/demo.htm Greetz : Allah , Egyptian x Hacker , Soufiane , Sinaritx , SQLinj4ct0r , Stealth , Kof2002 T...

symantec-sql.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

crafty-sql.txt

GulfTech Security Research August 25, 2008 Vendor : Eric Gerdes URL : http://www.craftysyntax.com Version : Crafty Syntax Live Help = 2.14.6 Risk : SQL Injection Description: Crafty Syntax Live Help is a full featured, open source, online support system written in php that allows the visitors of ...

PHP Live Helper 2.0.1 - Multiple Vulnerabilities

GulfTech Security Research August 16, 2008 Vendor : Turnkey Web Tools, Inc URL : http://www.turnkeywebtools.com Version : PHP Live Helper DBsite-queryfirst"SELECT FROM ". $this-dbprefix.$table." where ".$from."='$id'"; if isarray$result foreach $result as $key = $val $info$key = stripslashes$val;...

quickpoll-sql.txt

|| | | Quick Poll code.php id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | script :http://discountedscripts.com/productinfo.php?productsid=69 | ||...

phpAuction - 'profile.php' SQL Injection (2)

source: https://www.securityfocus.com/bid/29856/info PHPAuction is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

i-pos StoreFront 1.3 - index.asp SQL Injection

i-pos StoreFront 1.3 - index.asp SQL Injection source: https://www.securityfocus.com/bid/29471/info i-pos Storefront is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...

SQL Injection in extension "Library for Frontend plugins" (sg_zfelib)

It has been discovered that the extension "Library for Frontend plugins" sgzfelib is susceptible to SQL Injections. Component Type: Third party extension. This extension is not part of the TYPO3 default installation. Affected Versions: Version 1.1.512 and below Vulnerability Type: SQL Injection...

Nagasaki Electronic Prefectural Office System SQL injection vulnerability

Overview Nagasaki Prefectural Government has developed an open source electronic prefectural office system. The system contains SQL injection vulnerabilities. Impact A remote attacker may view or modify the database contents. Solution None...

Insomnia : ISVA-080516.1 - Altiris Deployment Solution - SQL Injection

Insomnia Security Vulnerability Advisory: ISVA-080516.1 Name: Altiris Deployment Solution - SQL Injection Released: 16 May 2008 Vendor Link: http://www.altiris.com/ Affected Products: Altiris Deployment Solution 6.8.x & 6.9.x Original Advisory:...

SA-2008-030 - Site Documentation - Privilege escalation

The contributed module Site Documentation intends to assist developers and administrators when they start working with a new site by showing them information from the database. All users with the "access content" permission are able to use the module to list arbitrary tables from the database. In...

Internet Photoshow - 'login_admin' Parameter Unauthorized Access Vulnerability

Internet Photoshow 'loginadmin' Parameter Unauthorized Access Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/29227/info Internet Photoshow is prone to a vulnerability that can result in unauthorized database access. Attackers can exploit this issue to gai...

e107 Plugin BLOG Engine 2.2 - 'rid' Blind SQL Injection

Author: Saime + Script: e107 Plugin BLOG Engine v2.2 rid Blind SQL Injection + URL: http://e107coders.org/download.php?view.1843 + Date: 13/05/2008 + Greetz: BaKo,DrWh4x,optiplex,xprog,cam-man-dan,Tulle,t0pP8uZz,Inspiratio,Novalok,illuz1oN,Untamed,GM,str0ke, and everyone else I forgot! + Site:...