Lucene search
K

8041 matches found

Packet Storm
Packet Storm
added 2008/12/16 12:0 a.m.19 views

FLDS 1.2a Blind SQL Injection

FLDS 1.2a lpro.php id Blind SQL Injection Vulnerability + Discovered By SirGod + Greetz : All my friends + Blind SQL Injection - Get username : http://target/path/lpro.php?id=1 and asciisubstringSELECT username from users limit 0,1,1,196 Query is truepage loads normally.Going to next ascii char...

0.5AI score
Exploits0
Gentoo Linux
Gentoo Linux
added 2008/12/10 12:0 a.m.30 views

Archive::Tar: Directory traversal vulnerability

Background Archive::Tar is a Perl module for creation and manipulation of tar files. Description Jonathan Smith of rPath reported that Archive::Tar does not check for ".." in file names. Impact A remote attacker could entice a user or automated system to extract a specially crafted tar archive,...

6.8CVSS6.5AI score0.04322EPSS
Exploits1
0day.today
0day.today
added 2008/11/15 12:0 a.m.19 views

Minigal b13 (index.php list) Remote File Disclosure Exploit

Exploit for unknown platform in category web applications =========================================================== Minigal b13 index.php list Remote File Disclosure Exploit =========================================================== ?php settimelimit0; function findpass$data $pass =...

7.1AI score
Exploits0
Fedora
Fedora
added 2008/11/14 12:50 p.m.42 views

[SECURITY] Fedora 8 Update: chmsee-1.0.0-5.31.fc8

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...

10CVSS0.10187EPSS
Exploits2
exploitpack
exploitpack
added 2008/10/29 12:0 a.m.18 views

Pro Traffic One - poll_results.php SQL Injection

Pro Traffic One - pollresults.php SQL Injection | | Pro Traffic One pollresults.php id Remote SQL Injection Vulnerability | |-------------------- IQ-SecuritY ------------------- | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | script :...

0.9AI score
Exploits0
OpenVAS
OpenVAS
added 2008/10/24 12:0 a.m.23 views

NetScaler web management cookie information

It is possible to extract information about the remote Citrix NetScaler appliance obtained from the web management interface SPDX-FileCopyrightText: 2008 nnposter Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5CVSS6.5AI score0.01108EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2008/10/18 12:0 a.m.43 views

XOOPS Module GesGaleri - SQL Injection

!/usr/bin/perl -w Xoops GesGaleri Sql injection Author : EcHoLL www.warezturk.org www.tahribat.com Greetz : Blacklabel TURK Godlike ! ModuleName: GesGaleri ! ScriptName: XOOPS ! GoogleDork: inurl:"/modules/GesGaleri/" system"color FF0000"; system"Nohacking"; print...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/10/10 12:0 a.m.22 views

Stash 1.0.3 (SQL) User Credentials Disclosure Exploit

No description provided by source. !/usr/bin/perl -w User credentials disclosure exploit - stash103exp.pl Gnix [email protected] http://gnix.netsons.org This exploit use an SQL Injection in the file admin/login.php to bypass the login, and then an SQL Injection in the admin/news.php to extract a...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/10/09 12:0 a.m.18 views

Stash 1.0.3 (SQL) User Credentials Disclosure Exploit

Exploit for unknown platform in category web applications ===================================================== Stash 1.0.3 SQL User Credentials Disclosure Exploit ===================================================== !/usr/bin/perl -w User credentials disclosure exploit - stash103exp.pl This...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/10/09 12:0 a.m.30 views

Stash 1.0.3 - SQL Injection User Credentials Disclosure

!/usr/bin/perl -w User credentials disclosure exploit - stash103exp.pl Gnix http://gnix.netsons.org This exploit use an SQL Injection in the file admin/login.php to bypass the login, and then an SQL Injection in the admin/news.php to extract all the users info. Note: password are crypted with md5...

7.4AI score
Exploits0
Fedora
Fedora
added 2008/09/28 6:40 p.m.58 views

[SECURITY] Fedora 9 Update: chmsee-1.0.1-5.fc9

A gtk2 chm document viewer. It uses chmlib to extract files. It uses gecko to display pages. It supports displaying multilingual pages due to gecko. It features bookmarks and tabs. The tabs could be used to jump inside the chm file conveniently. Its UI is clean and handy, also is well localized. ...

10CVSS0.05077EPSS
Exploits3
Packet Storm
Packet Storm
added 2008/09/28 12:0 a.m.19 views

euploader-sql.txt

E-Uploader Pro = 1.0 SQL Injection Vulnerability Author: !DoktOR! Date found: 26.08.08 Product: E-Uploader Pro Version: 1.0 Price: $49 URL: www.scriptsfrenzy.com Download script: http://rapidshare.com/files/18285945/E-UploaderPro.PHP.NULL-DGTlicense.zip Vulnerability Class: SQL Injection Conditio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/22 12:0 a.m.16 views

oceandir-sql.txt

/ @title Oceandir = 2.9 showvote.php id Remote SQL injection @author JEEN HACKER TEAM Jeen + Secertry @cost 250$ @script http://www.oceandir.com @copyright 2008 @homepage http://www.hackteach.org/cc/teach.php @email [email protected] , [email protected] / Exploit : user...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.29 views

FreeBSD Security Advisory (FreeBSD-SA-05:11.gzip.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:11.gzip.asc ADV FreeBSD-SA-05:11.gzip.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

3.7CVSS6.3AI score0.00655EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.18 views

FreeBSD Security Advisory (FreeBSD-SA-05:11.gzip.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:11.gzip.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

3.7CVSS6.5AI score0.00655EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2008/08/15 12:0 a.m.19 views

zorum-blindsql.txt

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo\n"; print " o Zorum 3.5 Blind SQL Injection Exploit o\n"; print " o o\n"; print " o Discovered By: CraCkEr o\n"; print " o o\n"; print " o Coded B...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/07/12 12:0 a.m.12 views

Dreamlevels Dreampics Builder 'page' SQL注入漏洞

BUGTRAQ ID: 30166 CNCAN ID:CNCAN-2008071103 Dreamlevels Dreampics Builder是一款基于PHP的WEB应用程序。 Dreamlevels Dreampics Builder不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可能获得敏感信息或操作数据库。 问题由于脚本对用户提交给'page'参数缺少过滤,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,获得敏感信息或操作数据库。 DreamLevels Dreampics Builder 目前没有解决方案提供:...

6.9AI score
Exploits0
0day.today
0day.today
added 2008/06/16 12:0 a.m.25 views

MyMarket 1.72 Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================= MyMarket 1.72 Blind SQL Injection Exploit ========================================= !/usr/bin/perl MyMarket 1.72 Blind SQL Injection Exploit Bug by: h0yt3r Demo:...

7.1AI score
Exploits0
NVD
NVD
added 2008/05/12 8:20 p.m.27 views

CVE-2008-2146

wp-includes/vars.php in Wordpress before 2.2.3 does not properly extract the current path from the PATHINFO $PHPSELF, which allows remote attackers to bypass intended access restrictions for certain pages...

7.5CVSS6.6AI score0.02734EPSS
Exploits1References5
CVE
CVE
added 2008/05/12 8:0 p.m.61 views

CVE-2008-2146

CVE-2008-2146 affects WordPress prior to 2.2.3, where wp-includes/vars.php fails to correctly extract the current path from PATH_INFO ($PHP_SELF). This allows remote attackers to bypass page access restrictions. The root cause is a path-determination flaw in WordPress’ request handling. A fix is ...

7.5CVSS6.5AI score0.02734EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder