189 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Adiscon LogAnalyzer before 3.6.6 allow remote attackers to inject arbitrary web script or HTML via the hostname in 1 index.php or 2 detail.php...
CVE-2014-6070
Removed by vendor...
Scott Manktelow Design Stride 1.0 Courses Detail.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26036/info Stride 1.0 Courses is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacke...
SiteDone Custom Edition 2.0 - SQL Injection & XSS Vulnerability
No description provided by source. SiteDone Custom Edition 2.0 SQL Injection & XSS Vulnerability http://www.sitedone.com ----------------------------------------------------------------------------------------------- Bug founded by d3v1l Avram Marius Date: 18.03.2010...
NConf 1.3 (detail.php detail_admin_items.php, id parameter) SQL Injection
No description provided by source. Exploit Title: nconf detail.php?detailadminitems.php blind injection Date: 2013/1/20 Exploit Author: [email protected] Software Link: http://sourceforge.net/projects/nconf/files/nconf/ Version: nconf 1.3 Tested on: Server: Apache/2.2.15 Centos PHP/5.3.3 ...
Simple Document Management System (SDMS) SQL Injection Vulnerability
No description provided by source. I'm SiD3^effects member from Inj3ct0r Team Support e-mail : submitatinj3ct0r.com Name : SDMSSimple document management system SQli Vulnerability Date : july, 7 2010 Critical Level : HIGH Vendor Url : http://sdms.cafuego.net/ Author : Sid3^effects aKa HaRi...
Mobius <= 1.4.4.1 (browse.php id) Remote SQL Injection Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl Mobius = 1.4.4.1 Remote SQL Injection Vulnerability Script: Mobius Web Publishing Software Script sit...
Ultrastats <= 0.2.142 (players-detail.php) Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.: UltraStats is a very...
mcGallery 1.1 - detail.php lang Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/28587/info mcGallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...
Pre Shopping Mall 1.0 - Remote SQL Injection Vulnerability
No description provided by source. ============================================== Pre Shopping Mall v1.0 Remote SQL Injection ============================================== Found: Cyber-Security.org ============================================== Exploit:...
Webthaiapp detail.php(cat) Blind SQL Injection Vulnerability
No description provided by source. --==+==================================================+==-- --==+ Webthaiapp detail.phpcat Blind Sql injection Vulnerability +==-- --==+==================================================+==-- Date : 30-04-2010...
Honey Soft Web Solution Multiple Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------- Honey Soft detail.php?proddetail= & products.php?catid= SQL-i/XSS Multiple Vulnerabilities...
PHP Classifieds <= 7.1 (detail.php) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Script Name: Php Classifieds = 7.1 detail.php Remote SQL Injection Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; if@ARGV 3 print ======================================================================== // Php Classifieds = 7....
BIWEB门户版Getwebshell漏洞
简要描述: 厂商来不来? 详细说明: wap/detail.php(还有好几处,修复时请留意) if !empty$GET'mod' $strModuleID = strval$GET'mod'; //此处未过滤 includeonce'../'.$strModuleID.'/config/var.inc.php'; //包含需截断 $objWebInit-setDBG$arrGPdoDB; $objWebInit-db; $arrLink = 'mod=' . $strModuleID; else includeonce'include/title.php';...
B2Bbuilder 6.6 module/brand/detail.php SQL注入漏洞
No description provided by source...
NConf 1.3 - detail.phpdetail_admin_items.php?id SQL Injection
NConf 1.3 - detail.phpdetailadminitems.php?id SQL Injection Exploit Title: nconf detail.php,detailadminitems.php blind injection Date: 2013/1/20 Exploit Author: haidao,[email protected] Software Link: http://sourceforge.net/projects/nconf/files/nconf/ Version: nconf 1.3 Tested on: Server:...
Website Created By Triad SQL Injection
| | | | '| | | | ' \ / \ ' \ | | | ' | | | \ / / | | | || | | | / | | | | | | | | | || | = 5.0 AND error-based - WHERE or HAVING clause Payload: id=5' AND SELECT 8596 FROMSELECT COUNT,CONCAT0x3a6974713a,SELECT CASE WHEN 8596=8596 THEN 1 ELSE 0 END,0x3a6a6c763a,FLOORRAND02x FROM...
MindWorks SQL Injection Vulnerability
Exploit for php platform in category web applications db 88 d88b "" d8'8b d8' 8b ,adPPYba, ,adPPYba, ,adPPYba, 88 8b,dPPYba, ,adPPYba, d8YaaaaY8b I8 "" a8P88 I8 "" 88 88P' "8a a8" "8a d8""""""""8b "Y8ba, 8PP""""""" "Y8ba, 88 88 88 8b d8 d8' 8b aa 8I "8b, ,aa aa 8I 88 88 88 "8a, ,a8" d8' 8b "YbbdP...
Aholattafun Creative Solutions SQL Injection Vulnerabilities
Exploit for php platform in category web applications ================================================ Exploit Title: Aholattafun Creative Solutions SQL Injection Vulnerabilities Author: Becax Home : CrimeIRCD Vendor :http://www.aholattafun.com/...
Sql injection
SQL injection vulnerability in detail.php in Simple Document Management System SDMS allows remote attackers to execute arbitrary SQL commands via the docid parameter...