uListing < 1.7 - Unauthenticated SQL Injections
The /1/api/ulisting-page-statistics/listing REST route did not sanitise or escape the listing_id and user_id GET parameters before using them in a SQL statement, leading to an SQL Injection issue. The plugin also did not sanitise and escape the HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR headers, which are then used...
BlueCMS getip() injection vulnerability - vulnerability warning - the black bar safety net
1. Description: BlueCMS is a CMS system for local classified-information portals. The program does not strictly filter the data when it uses the getip() function to obtain the client IP, which results in a SQL injection vulnerability. 2. Analysis: //comment.php $sql = "INSERT INTO ".table('comment')....
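The entries on this page share one root cause: a getip()-style helper returns whatever the client put in Client-Ip or X-Forwarded-For, and that string is concatenated into an INSERT. The following is an added illustration written for this page, not BlueCMS's own code; the function names, the comment table layout and the "trusted proxy" list are assumptions chosen for the demo.

```php
<?php
// Added example (not BlueCMS code): a getip() helper that trusts client-supplied
// headers, the string-built INSERT it feeds, and a hardened replacement.

// Vulnerable pattern: whichever header is present wins, nothing is validated.
function getip_vulnerable(array $server): string
{
    if (!empty($server['HTTP_CLIENT_IP'])) {
        return $server['HTTP_CLIENT_IP'];
    }
    if (!empty($server['HTTP_X_FORWARDED_FOR'])) {
        return $server['HTTP_X_FORWARDED_FOR'];
    }
    return $server['REMOTE_ADDR'] ?? '0.0.0.0';
}

// Hardened: REMOTE_ADDR is authoritative. X-Forwarded-For is consulted only when
// the TCP peer is one of our own reverse proxies (assumed list, supplied by the
// caller), and only the hop our proxy appended (the rightmost) is used. Whatever
// is chosen must parse as an IP address.
function getip_hardened(array $server, array $trustedProxies = []): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    if (in_array($remote, $trustedProxies, true) && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        $hops = array_map('trim', explode(',', $server['HTTP_X_FORWARDED_FOR']));
        $candidate = end($hops);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
    }
    return filter_var($remote, FILTER_VALIDATE_IP) !== false ? $remote : '0.0.0.0';
}

// Constructed request: the attacker sets a Client-Ip header carrying SQL.
$server = [
    'REMOTE_ADDR'    => '203.0.113.7',
    'HTTP_CLIENT_IP' => "1.1.1.1'), ((SELECT password FROM user WHERE id=1), 0, 'x",
];

// 1. The old pattern: the header lands in the statement verbatim.
$ip = getip_vulnerable($server);
$unsafe = "INSERT INTO comment (ip, user_id, content) VALUES ('" . $ip . "', 0, 'hi')";
echo "string-built SQL:\n  $unsafe\n";
// The resulting statement inserts a second row whose ip column is the
// subquery result, i.e. the attacker reads another table through the IP field.

// 2. The fix: validated IP plus a prepared statement (SQLite in memory for the demo).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comment (ip TEXT, user_id INTEGER, content TEXT)');
$stmt = $pdo->prepare('INSERT INTO comment (ip, user_id, content) VALUES (?, ?, ?)');

// getip_hardened ignores the forged header because 203.0.113.7 is not a trusted proxy.
$stmt->execute([getip_hardened($server, ['10.0.0.2']), 0, 'hi']);

// Even the raw payload is harmless once it is bound as a parameter: it is stored
// as an opaque string and never parsed as SQL.
$stmt->execute([getip_vulnerable($server), 0, 'hi']);

foreach ($pdo->query('SELECT ip FROM comment') as $row) {
    echo "stored ip: {$row['ip']}\n";
}
```

Two points a reviewer of this class of bug would check: the helper must not let any client header override REMOTE_ADDR unless the peer is a known proxy, and the IP must still be bound as a parameter rather than concatenated, because "it is just an IP" is exactly the assumption these advisories show being broken.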
TorrentTrader scrape.php script SQL injection vulnerability
BUGTRAQ ID: 29451. TorrentTrader is a torrent tracker platform written in PHP. TorrentTrader has a SQL vulnerability when validating the list of permitted access IPs; a remote attacker may exploit it to bypass access restrictions. To download a restricted torrent, a user must log in to TorrentTrader, after which their IP is stored in the list of permitted users. When a BitTorrent client connects, the tracker checks whether this IP address is in the permitted-user list...
MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection
#!/usr/bin/perl ... LOGO ... Mybb = 4.1 ... work: blind SQL injection ... google: Powered By MyBB ... coded by Elekt, antichat.ru ... Comments. Description: The exploit is based on a SQL injection in HTTP_CLIENT_IP. An unauthenticated user can...
CVE-2005-3010
CVE-2005-3010 affects CuteNews (version 1.4.0 and earlier). A direct static code injection vulnerability in the flood protection feature (inc/shows.inc.php) allows a remote attacker to inject and execute arbitrary PHP code via the HTTP_CLIENT_IP header (Client-Ip), which is injected into data/flo...