Contemplation - Sql injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...

Toko Flamboyan Local File Inclusion

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Western Digital TV (WD-TV) Live Remote Code Execution

Exploit for windows platform in category remote exploits Introduction ============ The WD TV Live Streaming Media Player is a consumer device to play various audio and video formats. Additionally it allows access to multiple video streaming services like Netflix, Hulu or Youtube.1 The device allo...

AyMSite v.3.0.2 SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: AyMSite V 3.0.2 sqli Vendor: http://www.aymsoft.com/ Date: 08/06/2012 Author: xDarkSton3x Dork: inurl:aymindex.php?option= E-mail : email protected Category: webapps Example Sites :...

PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities

PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/53598/info PHP Address Book is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

ajp-headers NSE Script

Performs a HEAD or GET request against either the root directory or any optional directory of an Apache JServ Protocol server and returns the server response headers. Script Arguments ajp-headers.path The path to request, such as /index.php. Default /. slaxml.debug See the documentation for the...

[SECURITY] Fedora 16 Update: phpMyAdmin-3.5.0-1.fc16

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

DEBIAN-CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

Mushoq CMS SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Mushoq CMS SQL injection Vulnerability Vendor: http://www.mushoq.com/ Author: xDarkSton3x E-mail : email protected Twitter: @xdarkston3x Category: webapps Google dork: intext:desarrollo Web mushoq inurl:index.php?idSeccion=...

DSA-2452-1 apache2 - insecure default configuration

Bulletin has no description...

hostmap-robtex NSE Script

Discovers hostnames that resolve to the target's IP address by querying the online Robtex service at . TEMPORARILY DISABLED due to changes in Robtex's API. See Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size,...

Dolibarr ERP / CRM OS Command Injection

Exploit for php platform in category web applications Dolibarr ERP & CRM OS Command Injection =================================== 1. Advisory Information Date published: 2012-4-6 Vendors contacted: Dolibarr Release mode: Coordinated release 2. Vulnerability Information Class: Injection Remotely...

VitalogyWeb Cross Site Scripting

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...

Meinfoway - SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================================== Meinfoway - SQL Injection Vulnerability ========================================================================== Title: Meinfoway - SQL Injection Vulnerability Author...

Geeklog 1.8.1 SQL Injection

In The Name Of GOD ============================================================================== Geeklog SQL Injection Vulnerability ============================================================================== » Title : Geeklog SQL Injection Vulnerability » TestedON: Linux » Download:...

JPM Article Script 6 - page2 SQL Injection

JPM Article Script 6 - page2 SQL Injection source: https://www.securityfocus.com/bid/52528/info JPM Article Script 6 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker ...

Kevin Mitnick's website open to Cross-Site Scripting ( XSS ) vulnerability

Kevin Mitnick's website open to Cross-Site Scripting XSS vulnerability Cross-Site Scripting XSS vulnerability discovered in official website of Kevin Mitnick one of the most talented hackers, and the one one most prosecuted by the state. Mitnick's hacker handle was "Condor". He became the first...

Barracuda CSRF (change e-mail address)

Exploit for php platform in category web applications Exploit Title: Barracuda CSRF change e-mail address Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/barracuda/19576/ Category:: webapps Demo : http://demo.boonex.com/administration/ Greetz: Inj3ct0r Exploit DataBas...

Xavi 7968 ADSL Router Cross Site Request Forgery / Cross Site Scripting

Xavi 7968 ADSL Router: Persistent cross site scripting XSS / Cross site request forgery CSRF ------------------------------------------------------------------------------------------------ Description: Xavi 7968 Router is completely vulnerable to Persistent cross site scripting XSS and Cross sit...