4242 matches found
Internal E-Mail System SQL Injection
--------------------------------------------------------- Portal Name: Internal E-Mail System Vendor : http://asp-dev.com/main.asp?page=41 Download : http://asp-dev.com/download.asp?did=4 Author : PouyaServer , [email protected] Vulnerability : Auth Bypass SQL Injection Vulnerability...
ASP-DEV Internal E-Mail System - Authentication Bypass
ASP-DEV Internal E-Mail System - Authentication Bypass --------------------------------------------------------- Portal Name: Internal E-Mail System Vendor : http://asp-dev.com/main.asp?page=41 Download : http://asp-dev.com/download.asp?did=4 Author : PouyaServer , [email protected]...
ASP-DEv XM Diary SQL Injection / Database Disclosure
--------------------------------------------------------- Portal Name: ASP-DEv XM Diary Vendor : http://www.asp-dev.com Dork : Powered by ASP-DEv XM Diary Author : PouyaServer , [email protected] Vulnerability : SQL,DD --------------------------------------------------------- SQL:...
ASP-DEV Internal E-Mail System (Auth Bypass) SQL Injection Vuln
Exploit for unknown platform in category web applications =============================================================== ASP-DEV Internal E-Mail System Auth Bypass SQL Injection Vuln ===============================================================...
Moodle 1.9.3 Remote Code Execution
Moodle 1.9.3 Remote Code Execution Name Remote Code Execution in Moodle Systems Affected Moodle 1.9.3 and possibly earlier versions Severity High Impact CVSSv2 High 7.3/10, vector: AV:N/AC:L/Au:M/C:P/I:P/A:C Vendor http://moodle.org/ Advisory http://www.ush.it/team/ush/hack-moodle193/moodle193.tx...
ASP-DEV Internal E-Mail System - Authentication Bypass
--------------------------------------------------------- Portal Name: Internal E-Mail System Vendor : http://asp-dev.com/main.asp?page=41 Download : http://asp-dev.com/download.asp?did=4 Author : PouyaServer , [email protected] Vulnerability : Auth Bypass SQL Injection Vulnerability...
ASP-DEV XM Events Diary - cat SQL Injection
ASP-DEV XM Events Diary - cat SQL Injection source: https://www.securityfocus.com/bid/32809/info ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an...
ASP-DEV XM Events Diary - 'cat' SQL Injection
source: https://www.securityfocus.com/bid/32809/info ASP-DEV XM Events Diary is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access...
Moodle 1.9.3 Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ================================================ Moodle 1.9.3 Remote Code Execution Vulnerability ================================================ Moodle 1.9.3 Remote Code Execution Name Remote Code Execution in Moodle Systems Affected...
Moodle 1.9.3 Remote Code Execution Vulnerability
No description provided by source. Moodle 1.9.3 Remote Code Execution Name Remote Code Execution in Moodle Systems Affected Moodle 1.9.3 and possibly earlier versions Severity High Impact CVSSv2 High 7.3/10, vector: AV:N/AC:L/Au:M/C:P/I:P/A:C Vendor http://moodle.org/ Advisory...
Moodle 1.9.3 - Remote Code Execution
Moodle 1.9.3 Remote Code Execution Name Remote Code Execution in Moodle Systems Affected Moodle 1.9.3 and possibly earlier versions Severity High Impact CVSSv2 High 7.3/10, vector: AV:N/AC:L/Au:M/C:P/I:P/A:C Vendor http://moodle.org/ Advisory http://www.ush.it/team/ush/hack-moodle193/moodle193.tx...
CVE-2008-5396
Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...
Gentoo Security Advisory GLSA 200811-05 (php)
The remote host is missing updates announced in advisory GLSA 200811-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Race condition
Race condition in the sxout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service panic via vectors involving reading the /dev/xty file...
CVE-2008-5009
Race condition in the sxout kernel module in Sun Solstice X.25 9.2, when running on a multiple CPU machine, allows local users to cause a denial of service panic via vectors involving reading the /dev/xty file...
CVE-2008-4889
SQL injection vulnerability in index.php in deV!L'z Clanportal DZCP 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action...
Sql injection
SQL injection vulnerability in index.php in deV!L'z Clanportal DZCP 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action...
CVE-2008-4889
SQL injection vulnerability in index.php in deV!L'z Clanportal DZCP 1.4.9.6 and earlier allows remote attackers to execute arbitrary SQL commands via the users parameter in an addbuddy operation in a buddys action...
CVE-2008-4889
CVE-2008-4889 describes a SQL injection in the DZCP (deV!L'z Clanportal) 1.4.9.6 and earlier, triggered in the addbuddy operation via the users parameter in buddys. The vulnerability enables remote attackers with network access and no authentication to execute arbitrary SQL commands, with partial...
DZCP (deV!L_z Clanportal) 1.4.9.6 - Blind SQL Injection
DZCP deV!Lz Clanportal 1.4.9.6 - Blind SQL Injection use HTTP::Cookies; use LWP::UserAgent; my $ua = LWP::UserAgent-new cookiejar = HTTP::Cookies-new,; $ua-agent 'Mozilla/5.0 Gecko/20061206 Firefox/1.5.0.9' ; usage; print "\n"; $server = $ARGV0; $dir = $ARGV1; $username = $ARGV2; $password =...