1445 matches found
PHPEasyData 1.5.4 - admin/login.php username Field SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/29659/info PHPEasyData is prone to multiple SQL-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issues to...
Infront SQL Injection Vulnerability
No description provided by source. Exploit Title: Infront SQL Injection Vulnerability Date: 12-06-2010 Author: TheMaster [email protected] Software Link: http://www.infront.com/ Version: N/A Tested on: Windows XP SP3 Author : TheMaster [email protected] Dork : intext:Powered by Infront Type of attack :...
GLLCTS2 <= 4.2.4 - (login.php detail) SQL Injection Exploit
No description provided by source.
MemHT Portal 4.0.1 - SQL Injection Code Execution Exploit
No description provided by source. !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Due to weak params filtering we are able to make SQL-Injection. So, 1. Look at 'inc/ajax/ajaxrating.php', line 29. It is not enough to...
phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
No description provided by source.
Koobi Pro 6.1 - Gallery (img_id)
No description provided by source. Koobi Pro v6.1 gallery imgid AUTHOR : BILGEKAGAN HOME : http://www.1923turk.biz DORK 1 : allinurl: index.php?p=gallerypic imgid EXPLOiT: index.php?p=gallerypic&imgid=-1+union+select+0,1,2,concatemail,0x3a,pass,4,5,6,7,8+from+kpro6user aDMN PANEL: admin/login.php...
AckerTodo 4.2 Login.PHP Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/20372/info ackerTodo is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an attacker t...
Dark Hart Portal (login.php) Remote File Inclusion Vulnerability
No description provided by source. Dark Portal login.php Remote File Inclusion Vulnerability Author: CoBRa21 Mail:...
ourvideo CMS 9.5 phpi/login.php XSS Vulnerabilities
No description provided by source...
UBBCentral UBB.threads 6.2.3/6.5 login.php Cat Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/11900/info It is reported that UBB.threads is affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied URI input prior to including...
ShopWeezle 2.0 login.php itemID Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17441/info ShopWeezle is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. A successful exploit...
Spaminator <= 1.7 (page) Remote File Include Vulnerability
No description provided by source. Spaminator 1.7. $page Remote File Include CreW: ToXiC BuG Found By Drago84 SourcE CodE: http://freshmeat.net/redir/spaminator/16281/urltgz/spaminator-1.7.tar.gz Page Affect is: /src/Login.php Problem is include $page.php; Path : Declare $page ExpL:...
myBloggie 2.1.5 login.php PATH_INFO Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22097/info MyBloggie is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...
acute control panel 1.0.0 (sql/rfi) Multiple Vulnerabilities
No description provided by source. + Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ?php...
Invision Power Board <= 1.3.1 Login.PHP SQL Injection (working)
No description provided by source. ?php / = 1.3.1 Final /str0ke / $server = SERVER; $port = 80; $file = PATH; $target = 81; / User id and password used to fake-logon are not important. '10' is a random number. / $id = 10; $pass = ; $hex = 0123456789abcdef; for$i = 1; $i = 32; $i++ $idx = 0; $foun...
Indexu 5.0/5.3 login.php error_msg Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22084/info Indexu is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code execute in the...
4xcms 'login.php' Multiple SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/39840/info 4xcms is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting these issues could allow an attacker to compromi...
PunBB Mod PunPortal 0.1 - Local File Inclusion Exploit
No description provided by source. !/usr/bin/perl =about PunBB PunPortal 0.1 Local File Inclusion Exploit by athos - stakerathotmaildotit download mod http://www.punres.org/download.php?id=1108 download cms http://punbb.org register globals = 1...
psipuss 1.0 - Multiple Remote SQL Injection Vulnerabilities
No description provided by source. psipuss version 1.0 SQL Injection Vulnerabilities Virangar Security Team www.virangar.net www.virangar.ir Discovered By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all...
WebCalendar 0.9.x Multiple Module SQL Injection Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/8540/info It has been reported that WebCalendar may be prone to multiple SQL injection issues in the viewt.php, vieww.php, viewv.php, and login.php modules of the software. The problems arise from a lack of sufficient...