Denial Of Service (DoS)

mysql is vulnerable to denial of service. A flaw in the way MySQL processed PREPARE statements containing both GROUPCONCAT and the WITH ROLLUP modifier could allow a remote, authenticated attacker to crash mysqld...

Joomla com_threate 1.1.4 SQL injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Joomla comthreate 1.1.4 SQL injection Exploit Author : xBADGIRL21 Dork : index.php?option=comthreate version: 1.1.4 Vendor Homepage : http://joomlic.com/ Tested on: Windows skype:xbadgirl21 Date: 2016/07/09 video Proof :...

Joomla Topics 1.5.12 SQL Injection

Exploit Title : Joomla comtopics SQL injection Exploit Author : xBADGIRL21 Dork : inurl:index.php?option=comtopics Category: Webapps version: 1.5.12 Tested on: Windows skype:xbadgirl21 Date: 2016/07/08 video Proof Youtube : https://youtu.be/2KynoDHvEkY SQL injection PoC: cid= Get Parameter...

ZPanel <= 10.0.1 CSRF, XSS, SQLi, Password Reset

No description provided by source. Exploit Title: ZPanel = 10.0.1 CSRF, XSS, SQLi, Password Reset Date: 04/11/2012 Exploit Author: pcsjj Vendor Homepage: http://www.zpanelcp.com/ Version: 10.0.1 Software Link: http://sourceforge.net/projects/zpanelcp/files/latest/download Downloads: 90,382 CVE :...

MySQL: Вытягивание записей в строку с использованием встроенной функции insert

Все вы знаете о выводе колонок MySQL таблицы в одну строку, итак, встречаем - Четвертый метод! Но об этом немного позже, а сейчас вспомним то, что имеется на сегодняшний день. Из статьи Dr.Z3r0: MySQL SQL Injection полный FAQ: 1. groupconcat + Простое использование, небольшой размер - Ограничение...

MySQL < 5.5.6 Multiple Denial of Service

The version of MySQL installed on the remote host is older than 5.5.6. As such, it reportedly is prone to multiple denial of service attacks : - The improper handling of type errors during argument evaluation in extreme-value functions, e.g., 'LEAST' or 'GREATEST' causes server crashes...

dotProject 2.1.5 - SQL Injection

dotProject 2.1.5 - SQL Injection Exploit Title: dotProject 2.1.5 SQL Injection Vulnerability Google Dork: intitle:"dotproject" Date: 2011-12-09 Author: sherl0ck @AlligatorTeam Software Link: http://www.dotproject.net/ Version: 2.1.5 tested Tested on: Debian GNU/Linux 5.0 --------------- PoC...

Ускоритель MySQL-inj

Если данный способ уже где-то описан - прошу кинуть ссылочки. Метод был существенно доработан - читай мой пост ниже! Хочу рассказать вам о новой может я что-то пропустил? технике вывода данных при MySQL injection. Дело в том, что очень неудобно когда при наличии уязвимости в результате мы можем...

MySQL Multiple Denial of Service Vulnerabilities

MySQL is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mysql:mysql";...

Debian DSA-2143-1 : mysql-dfsg-5.0 - several vulnerabilities

Several vulnerabilities have been discovered in the MySQL database server. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-3677 It was discovered that MySQL allows remote authenticated users to cause a denial of service mysqld daemon crash via a joi...

CVE-2010-3837

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via a prepared statement that uses GROUPCONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in...

[SECURITY] [DSA-2143-1] New mysql-dfsg-5.0 packages fix several vulnerabilities

------------------------------------------------------------------------- Debian Security Advisory DSA-2143-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 14, 2011 http://www.debian.org/security/faq -...

Mandriva Update for mysql MDVSA-2010:223 (mysql)

Check for the Version of mysql OpenVAS Vulnerability Test Mandriva Update for mysql MDVSA-2010:223 mysql Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Ubuntu 6.06 LTS / 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : mysql-5.1, mysql-dfsg-5.0, mysql-dfsg-5.1 vulnerabilities (USN-1017-1)

It was discovered that MySQL incorrectly handled certain requests with the UPGRADE DATA DIRECTORY NAME command. An authenticated user could exploit this to make MySQL crash, causing a denial of service. This issue only affected Ubuntu 9.10 and 10.04 LTS. CVE-2010-2008 It was discovered that MySQL...

Mandriva Linux Security Advisory : mysql (MDVSA-2010:223)

Multiple vulnerabilities were discovered and corrected in mysql : - During evaluation of arguments to extreme-value functions such as LEAST and GREATEST, type errors did not propagate properly, causing the server to crash CVE-2010-3833. - The server could crash after materializing a derived table...

Mandriva Linux Security Advisory : mysql (MDVSA-2010:222)

Multiple vulnerabilities were discovered and corrected in mysql : - Joins involving a table with with a unique SET column could cause a server crash CVE-2010-3677. - Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash CVE-2010-3680. - The server could crash if there we...

CVE-2010-3837

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via a prepared statement that uses GROUPCONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in...

MySQL: crash when group_concat and "with rollup" in prepared statements (MySQL Bug#54476)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service server crash via a prepared statement that uses GROUPCONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in...

MySQL Community Server < 5.1.51 Multiple Vulnerabilities

The version of MySQL Community Server installed on the remote host is earlier than 5.1.51 and is, therefore, potentially affected by multiple vulnerabilities: - A privilege escalation vulnerability exists when using statement-based replication. Version specific comments used on a master server wi...

MySQL Community Server 5.1 < 5.1.51 Multiple Denial of Service Vulnerabilities

Binary data 801142.prm...