Sql injection

SQL injection vulnerability in tsother.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to execute arbitrary SQL commands via the userid parameter in a modboard action...

CVE-2010-1338

CVE-2010-1338 affects the WoltLab Burning Board’s Teamsite Hack plugin (versions 3.0 and earlier) via ts_other.php. The vulnerability is a SQL injection in the modboard action, exploitable through the userid parameter, allowing remote attackers to execute arbitrary SQL commands. Documented impact...

CVE-2010-1339

CVE-2010-1339 is a cross-site scripting (XSS) vulnerability affecting the WoltLab Burning Board installation using the Teamsite Hack plugin (3.0 and earlier). The issue is triggered by the userid parameter in a modboard action within ts_other.php, where user input is inappropriately handled insid...

CVE-2010-1339

Cross-site scripting XSS vulnerability in tsother.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a modboard action, which is not properly handled in a forced SQL error message...

Adobe, FoxIt Investigating Way to Mitigate PDF Hack

Security response teams at Adobe and FoxIt are investigating ways to mitigate a new PDF hack that allows the execution of an embedded executable without exploiting any security vulnerabilities. A demo of the PDF hack has been published to show how a hacker could employ social engineering techniqu...

Easy-Clanpage <= v2.2 multiple SQL Injection Vulnerability + Exploit

Exploit for php platform in category web applications ==================================================================== Easy-Clanpage 2.2 http://www.easy-clanpage.de /?section=downloads&action=viewdl&id=18 +Price : for free +Language : PHP +Discovered by Easy Laster...

Adobe Reader - Escape From &#039;.PDF&#039; Execute Embedded Executable

Title : Escape From PDF Author : Didier Stevens Date : 03/29/2010 Source : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/ This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability! I use a launch action triggered by t...

Hash brute force attack-vulnerability warning-the black bar safety net

Name: the end Tutorial: Hash brute force attack Nature: the translation of the article Time: 2 0 1 0 3 2 7 on Saturday ------------------------------------The above information↑------------------------------------ --------------------------------------The content of the...

Woltlab Burning Board Teamsite Hack 3.0 SQL Injection

----------------------------Information----------------------------------------------------- +Name : Woltlab Burning Board Teamsite Hack V3.0 tsother.php SQL Injection Exploit Python +Autor : Easy Laster +Date : 21.03.2010 +Script : Woltlab Burning Board Teamsite Hack V3.0 +Google Door : Teamsite...

Woltlab Burning Board Teamsite Hack 3.0 - ts_other.php SQL Injection

Woltlab Burning Board Teamsite Hack 3.0 - tsother.php SQL Injection ----------------------------Information----------------------------------------------------- +Name : Woltlab Burning Board Teamsite Hack V3.0 tsother.php SQL Injection Exploit Python +Autor : Easy Laster +Date : 21.03.2010 +Scrip...

Woltlab Burning Board Teamsite Hack v3.0 (ts_other.php) SQL Injection

Exploit for unknown platform in category web applications ======================================================================== Woltlab Burning Board Teamsite Hack " print " python...

Woltlab Burning Board Teamsite Hack 3.0 - &#039;ts_other.php&#039; SQL Injection

----------------------------Information----------------------------------------------------- +Name : Woltlab Burning Board Teamsite Hack V3.0 tsother.php SQL Injection Exploit Python +Autor : Easy Laster +Date : 21.03.2010 +Script : Woltlab Burning Board Teamsite Hack V3.0 +Google Door : Teamsite...

PHPWind version 6.0 Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ====================================================== PHPWind version 6.0 Cross Site Scripting Vulnerability ====================================================== I found the PHPWind v6.0 just filter the xss code when the visitors login...

Pwn2Own Predictions: Apple iPhone Will Fall

Hackers at this year’s CanSecWest Pwn2Own contest will definitely break into an Apple iPhone by exploiting a remote code execution vulnerability. That’s the prediction from Charlie Miller and Aaron Portnoy, two security researchers who are monitoring events leading to next week’s hacker challenge...

Another TJX Accomplice Gets Nearly 4-Year Sentence

Humza Zaman, a co-conspirator in the hack of TJX and other companies, was sentenced Thursday in Boston to 46 months in prison and fined $75,000 for his role in the conspiracy. The sentence matches what prosecutors were seeking. Read the full article. Wired...

PHP Ask & Answer (XSS) Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ========================================================= PHP Ask & Answer XSS Cross Site Scripting Vulnerability =========================================================...

SBD Directory 4.0 (XSS) Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ========================================================== SBD Directory 4.0 XSS Cross Site Scripting Vulnerability ==========================================================...

Phpwind7. 5 Background local include exploit-vulnerability warning-the black bar safety net

Affected version:Phpwind7. 5 File: hack\rate\admin.php Source: Then look at the hack\rate\template\layout.php to: EOT; requireonce $filepath; the includeonce PrintEot 'adminbottom' ; ? $job can be customized to trigger a local include, but addslashes, and therefore can not pass%0 0 truncated; but...

Phpwind7.5 后台本地包含漏洞

文件：hack\rate\admin.php 源码： ?php !functionexists'readover' && exit'Forbidden'; define "HR", RP . "hack/rate/" ; define "LR", RP . "lib/" ; InitGP array 'ajax' ; $action = strtolower $job ? $job : "admin" ; $filepath = HR . "action/" . $action . "Action.php"; ! fileexists $filepath && exit ; if $jo...

United Way Hack Exposes Work-at-Home Scam

Hackers broke into computer systems at a Massachusetts chapter of the United Way last month and attempted to make off with more than $150,000 from one of the nation’s largest charities with the use of a money mule duped by a “Work-at-home” scam. Read the full article. KrebsonSecurity...