188 matches found
WebComIndia CMS 2015Q4 Authentication Bypass Vulnerability
WebComIndia CMS 2015Q4 suffers from an authentication bypass vulnerability via remote SQL injection. Document Title: =============== WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability Product & Service Introduction: =============================== Where quality & reliability converge. Web.Com Ind...
Wordpress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez Martinez i0akiN...
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection
WordPress Plugin CP Multi View Event Calendar 1.1.7 - SQL Injection Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Exploit Author: Joaquin Ramirez...
RHEL 6 / 7 : postgresql (RHSA-2015:1194)
Updated postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: postgresql92-postgresql security update
Updated postgresql92-postgresql packages that fix three security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...
[SECURITY] Fedora 22 Update: postgresql-9.4.4-1.fc22
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
[SECURITY] Fedora 22 Update: postgresql-9.4.2-1.fc22
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
WordPress GigPress 2.3.8 SQL Injection Vulnerability
WordPress GigPress plugin version 2.3.8 suffers from a remote SQL injection vulnerability. Title: SQLi vulnerabilities in WordPress plugin "GigPress" Author: Adrián M. F. - adrimf85atgmaildotcom Date: 2015-05-25 Vendor Homepage: https://wordpress.org/plugins/gigpress/ Active installs: 20,000+...
Coremail官网SQL注入可读全库
简要描述: coremail官网存在注入,有防护,可绕过。 详细说明: 漏洞地址:http://www.coremail.cn/gjzc2/list117.aspx?lcid=412 漏洞证明: 有防护,直接用sqlmap加个tamper=chardoubleencode.py可以跑出来。 这个是sqlmap用的payload: Place: GET Parameter: lcid Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: lcid=412 AND...
Pandora FMS 5.1 SP1 - SQL Injection
Document Title: =============== Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1355 Release Date: ============= 2015-02-09 Vulnerability Laboratory ID VL-ID: ==================================== 1355...
[SECURITY] Fedora 21 Update: postgresql-9.3.6-1.fc21
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...
Pimcore CMS 2.3.03.0 - SQL Injection
Pimcore CMS 2.3.03.0 - SQL Injection Document Title: =============== Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability References Source: ==================== http://vulnerability-lab.com/getcontent.php?id=1363 Release Date: ============= 2014-12-16 Vulnerability Laboratory ID VL-ID:...
某管理系统通用型SQL注入
简要描述: 某管理系统通用型SQL注入 详细说明: 厂商:南京苏亚星资讯科技开发有限公司 资源库管理系统 搜索引擎关键字:帮助 正在读取数据... 注册用户 系统用户 用户名: 密码: 南京苏亚星资讯科技开发 有一部分是内网使用,好不容易找到5个案例。...
SIDA University System SQL Injection Vulnerability
No description provided by source. Author: K053 K053.dev0te3 at gmail Vendor : SIDA http://91.98.156.224/ Version: All below 1389 are vulberable ==================================================================================== Note: Seems vendor patched this vulnerability in newest update 1389...
Sonicwall Scrutinizer 9.5.2 - SQL Injection Vulnerability
No description provided by source. Title: ====== Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability Date: ===== 2013-02-13 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=789 9984: Investigate Vulnerability Lab issues this ticket included tracking the creation o...
Oracle <= 10g Release 2 (DBMS_EXPORT_EXTENSION) Local SQL Exploit
No description provided by source. / 0day, description is wrong. /str0ke / / Fucking NON-0 day$ exploit for Oracle 10g 10.2.0.2.0 Patch your database now! by N1V1Hd $3c41r3 / CREATE OR REPLACE PACKAGE MYBADPACKAGE AUTHID CURRENTUSER IS FUNCTION ODCIIndexGetMetadata oindexinfo SYS.odciindexinfo,P3...
Oracle <= 9i / 10g (extproc) - Local/Remote Command Execution Exploit
No description provided by source. -- -- $Id: raptororaextproc.sql,v 1.1 2006/12/19 14:21:00 raptor Exp $ -- -- raptororaextproc.sql - command exec via oracle extproc -- Copyright c 2006 Marco Ivaldi [email protected] -- -- Directory traversal vulnerability in extproc in Oracle 9i and 10g --...
TRS WCM后台SQL注入一枚
简要描述: 详细说明: 测试版本:WCM6.5,问题出在后台“新建栏目分发” 直接看图: select WCMDocument.DocId from WCMCHNLDOC,WCMDocument where WCMDocument.DocId=WCMChnlDoc.DocId and WCMChnlDoc.CHNLID=? AND 注入点 AND WCMChnlDoc.DOCSTATUS0 and WCMChnlDoc.Modal0 and WCMChnlDoc.DocChannel0 order by WCMChnlDoc.DOCORDERPRI desc,...
RedHat Update for postgresql RHSA-2014:0249-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 18 Update: postgresql-9.2.4-1.fc18
PostgreSQL is an advanced Object-Relational database management system DBM S. The base postgresql package contains the client programs that you'll need to access a PostgreSQL DBMS server, as well as HTML documentation for the whole system. These client programs can be located on the same machine ...