CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

gosql

gosql Auto...

CVE-2025-8987 SourceCodester COVID 19 Testing Management System test-details.php sql injection

A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

CVE-2025-8703 Wanzhou WOES Intelligent Optimization Energy Saving System Environmental Real-Time Data Module GetAreaTrendChartData sql injection

A vulnerability classified as critical was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. This vulnerability affects unknown code of the file /WEASHomePage/GetAreaTrendChartData of the component Environmental Real-Time Data Module. The manipulation of the argument energy...

PowerSploit

This is an offensive tool for Windows PowerShell exploitation. It is a collection of PowerShell modules, specifically PowerSploit, which provides various functions for code execution, DLL injection, and antivirus bypass. The tool is designed to be used by penetration testers and red teamers to te...

Wuhan No. No. Technology Co. 99box Game Manager suffers from dll hijacking vulnerability

99box is a very cool gaming service platform. Wuhan No. 99box Game Manager Co., Ltd. has a dll hijacking vulnerability that can be exploited by an attacker to inject an executable DLL file into the client process to perform arbitrary functions...

xycmslyb v1.9 SQL Injection Vulnerability in Background

xycmslyb is a business building software. xycmslyb v1.9 suffers from a SQL injection vulnerability in the backend, which can be exploited by attackers to obtain sensitive information from the database...

WordPress Targeted with Clever SEO Injection Malware

A clever malware built for SEO injection – where a black hat loads up a webpage with spammy links, redirects and ad keywords, unbeknownst to the site owner – has been seen evading detection with an innovative approach that involves appending itself in an unusual place in the back-end code of a...

Frida-Extract - Frida.re Based RunPE (And MapViewOfSection) Extraction Tool

FridaExtract is a Frida.re based RunPE extraction tool. RunPE type injection is a common technique used by malware to hide code within another process. It also happens to be the final stage in a lot of packers : NOTE: Frida now also supports extraction of injected PE files using the...

RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

Introduction Through FireEye Dynamic Threat Intelligence DTI, we observed RIG Exploit Kit EK delivering a dropper that leverages the PROPagate injection technique to inject code that downloads and executes a Monero miner similar activity has been reported by Trend Micro. Apart from leveraging a...

A coin miner with a “Heaven’s Gate”

You might call the last two years the years of ransomware. Ransomware was, without a doubt, the most popular type of malware. But at the end of last year, we started observing that ransomware was losing its popularity to coin miners. It is very much possible that this trend will grow as 2018...

Gazer: A New Backdoor Targets Ministries and Embassies Worldwide

Security researchers at ESET have discovered a new malware campaign targeting consulates, ministries and embassies worldwide to spy on governments and diplomats. Active since 2016, the malware campaign is leveraging a new backdoor, dubbed Gazer, and is believed to be carried out by Turla advanced...

tgs cms 0.x (xss/sql/fd) Multiple Vulnerabilities

No description provided by source. | | | / | | / | | | \ / | | | / / | |/ \ / / |/ | |/| | | ' \ / | / / | | | | | | | | | | | | | |/ / ||//\||| |||| ||,/| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ TGS CMS Cross Site Scripting,SQL injection,Blind SQL/XPath injection,Source code disclosure, Multiple...

Barracuda Networks Backup Appliance Cross Site Scripting

Document Title: =============== Barracuda Networks Backup Appliance Application - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=784 BARRACUDA NETWORK SECURITY ID: BNSEC-885 Release Date: ============= 2014-02-26 Vulnerabili...

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique

myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique Software: myBloggie 2.1.6 Severity: High Author: Robin Verton info at robinverton dot de Date: Jun. 12 2011 Vendor: http://mybloggie.mywebland.com/ Software Description: "myBloggie is considered one of the most simple,...

Theeta CMS (Cross Site Scripting,SQL Injection) Multiple

No description provided by source. / \ / | | | \ / | | | | | | | | | | || | | | | | | | | '| | | | | | | | | | |/ \ / |/ / / | | | | || | || | || || | / || | | | / | | || / / |/ || ,|\|,| +-+-+-+-+ |C|r|e|w| +-+-+-+-+ Theeta CMS Cross Site Scripting,SQL Injection Multiple Vulnerabilities...

Coppermine Photo Gallery 1.3.x - Blind SQL Injection

"; $j = 1; $user = ""; while!strstr$user,chr0 for$x=0;$x "; $a = 1; $pass = ""; while!strstr$pass,chr0 for$i=0;$i255;$i++ $xpl = "'' OR 1=...

mybb-sql-115.php.txt

!/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB" "2006 MyBB Group"\n\n"; / works...

Moving-2 0 0 5 upload vulnerability-vulnerability warning-the black bar safety net

I haven't writtenthe article, this text is mainly to explain two techniques: one is the dexterity of the injection; the second is not into the background subtly Upload a WebShell to. Hope all my friends can draw inferences, inappropriate please master exhibitions. A, injection vulnerabilities...