5 matches found
Malicious code in dorado-leda-module-repository (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 473ac230a1d7605a528320678f1622a86249ae3a4271e3a13c1157044eb153a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
XOOPS Module Repository ViewCat.PHP SQL注入漏洞
XOOPS Module Repository是一款基于PHP的WEB应用程序。 XOOPS Module Repository不正确过滤用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,可获得敏感信息。 问题是'ViewCat.PHP'脚本对用户提交的'cid'参数缺少过滤,提交恶意SQL代码作为参数数据,可导致更改原来的SQL逻辑,获得敏感信息。 Xoops Module Repository 目前没有解决方案提供: http://www.xoops.org/modules/repository/ http://www.sebug.net/show-exp-1622.html...
XOOPS Module Repository (viewcat.php) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== XOOPS Module Repository viewcat.php Remote SQL Injection Exploit ================================================================== !/usr/bin/perl Script Name: XOOPS Module...
XOOPS Module Repository - viewcat.php SQL Injection
XOOPS Module Repository - viewcat.php SQL Injection !/usr/bin/perl Script Name: XOOPS Module Repository viewcat.php BLIND SQL Injection Exploit Coded by : ajann Author : ajann Dork : "inurl:/modules/repository/" Contact : : S.Page : http://www.xoops.org/ $$ : ?? . : Tested on xoops.org and...
XOOPS Module Repository - 'viewcat.php' SQL Injection
!/usr/bin/perl Script Name: XOOPS Module Repository viewcat.php BLIND SQL Injection Exploit Coded by : ajann Author : ajann Dork : "inurl:/modules/repository/" Contact : : S.Page : http://www.xoops.org/ $$ : ?? . : Tested on xoops.org and xoops.pr.gov.br .. : ajann,Turkey use IO::Socket; if@ARGV ...