phpMDJ 1.0.3 - SQL Injection Vulnerability

No description provided by source. ,--------------------------------------------------------------, Vulnerable Script : phpMDJ 1.0.3 \ Download : http://www.weboac.be/phpmdj/docs/phpmdj1.0.3.zip \ Vulnerability : Remote Sql Injection ...

DMXReady BillboardManager <= 1.1 Contents Change Vulnerability

No description provided by source. Title : DMXReady BillboardManager = 1.1 Remote Contents Change Vulnerability Author : x0r Contact : [email protected] \ [email protected] S.Page : http://www.dmxready.com $$ : 49.97 $ Permissions: Update Delete Insert Category / Sub Category Example: You Find -...

ZeusCMS <= 0.3 - Remote Blind SQL Injection Exploit

No description provided by source. ? / ------------------------------------------------- ZeusCMS = 0.3 Remote Blind SQL Injection Exploit ------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.zeuscms.gr/ details..: works with...

webSPELL <= 4.01.02 Multiple Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV3 print \n \'/ ; print \n -.- ; print \n -------------------oOO------OOo--------------------; print \n | webSPELL = v4.01.02 Multiple Remote SQL Injection |; print \n | coded by DNX |; print \n...

Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. +Zanfi CMS lite / Jaw Portal free index.php page Multiple Local File Inclusion +Discovered by SirGod +MorTal TeaM +Greetz E.M.I.N.EM,Ras,Puscasmarin,ToxicBlood,HrN,Kemrayz,007m + Dork : Powered by: Zanfi Solutions + Local File Inclusion PoC :...

TorrentTrader Classic <= 1.04 - Blind SQL Injection Vulnerability

No description provided by source. ====================================================== == TorrentTrader Classic = 1.04 Blind SQL Injection Exploit ====================================================== == NamE : TorrentTrader Classic == version : 1.04 == Download : www.torrenttrader.org...

WordPress MoodThingy Widget 0.8.7 - Blind SQL Injection

No description provided by source. Exploit Title: WordPress MoodThingy Mood Rating Widget v0.8.7 Blind SQL Injection Date: 7/2/12 Exploit Author: Chris Kellum Vendor Homepage: http://www.moodthingy.com/ Software Link: http://downloads.wordpress.org/plugin/moodthingy-mood-rating-widget.0.8.7.zip...

Mongoose 2.8 Space String Remote File Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38145/info Mongoose is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context ...

Joomla Component com_start SQL Injection Vulnerability

No description provided by source. InformatioN Title : Joomla Component comstart SQL Injection Vulnerability Author : DevilZ TM By D3v1l Homepage : http://www.DEVILZTM.com Contact : [email protected] & [email protected] ExploiT Vulnerable File :...

BlackBerry Enterprise Server 4.0/4.1 MDS Connection Service Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34573/info BlackBerry Enterprise Server MDS Connection Service is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute...

i-pos Storefront 1.3 - 'index.asp' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29471/info i-pos Storefront is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

K-Links - Link Directory Script SQL Injection Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah The Mercifull-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: REMOTE SQL iNJECTioN Vendor: http://turn-k.net + Software: K-Links + author: R3d-D3v!L + TEAM: N0W... !AM W0RK!NG AL0NE ? contact:...

Cetil Cross Site Scripting

Post Cross Site Scripting on Cetil - Demonstrativo de Pagamento de Salário + Date: 27/05/2014 + Risk: LOW + CWE number: CWE-79 + Author: Felipe Andrian Peixoto + Vendor Homepage: http://www.cetil.com.br/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File:...

Web Terra 1.1 - &#039;books.cgi&#039; Remote Command Execution

Remote Comand Execution on books.cgi Web Terra v. 1.1 + Date: 21/05/2014 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on: Windows 7 and Linux + Vendor Homepage: http://www2.inforyoma.or.jp/terra + Vulnerable File: books.cgi +...

Web Terra 1.1 - books.cgi Remote Command Execution

Web Terra 1.1 - books.cgi Remote Command Execution + Remote Comand Execution on books.cgi Web Terra v. 1.1 + Date: 21/05/2014 + CWE number: CWE-78 + Risk: High + Author: Felipe Andrian Peixoto + Contact: [email protected] + Tested on: Windows 7 and Linux + Vendor Homepage:...

F5 iControl Remote Command Execution

Hi, Linked below is an advisory regarding remote command execution as root, possibly vulnerabilities within the iControl API: http://support.f5.com/kb/en-us/solutions/public/15000/200/sol15220.html An example request that will set the hostname to 'root.example.com': whoami.example.com This was...

DEDECMS full version disregard for GPC injection exp-vulnerability warning-the black bar safety net

? php printr " +------------------------------------+ DEDECMS full version disregard for GPC injection code by :Sunshie Usage:$argv0 domain Example: php.exe$argv0 www.phpinfo.me +------------------------------------+ " ; if$argv1=="" exit"do not tease than we're still good friends"; else...

Joomla Wire Immogest SQL Injection

IIIIIIII RRRRRRRRRRRR HHHHHHHH HHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRRRRRRRR HHHHHHHHHHHHHHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIII RRRR RRRR HHHH HHHH IIIIIIII RRRRRRRR RRRRRR...

CVE-2012-1088

iproute2 before 3.3.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file used by 1 configure or 2 examples/dhcp-client-script...

Cross-Site Scripting (XSS) in Ilch CMS

High-Tech Bridge Security Research Lab discovered vulnerability in Ilch CMS, which can be exploited to perform Cross-Site Scripting XSS attacks against users and administrators of vulnerable application. 1 Cross-Site Scripting XSS in Ilch CMS: CVE-2014-1944 The vulnerability exists due to...