6335 matches found
Tribisur 2.0 - SQL Injection
!/usr/bin/php -q And now the bugged code :- : So we can exploit it with this simple PoC: forum.php?action=liste&cat=-1+union+select+0,concatpseudo,0x3a,passe,0,0,0,0,0,0,0,0+from+utiliz+where+id=1 Bug 2 in catmain.php : So like the first we can exploit it with:...
blakord-sql.txt
--==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Blakord Portal = 0 Exploit2: http://localhost/path/any module?id=1 and exists select from TABLE Example: http://localhost/path/any module?id=1 AND SELECT Count FROM users = 0 Example2:...
CVE-2007-6545
Multiple cross-site scripting XSS vulnerabilities in RunCMS before 1.6.1 allow remote attackers to inject arbitrary web script or HTML via 1 the subject parameter to modules/news/submit.php; 2 the PATHINFO to modules/news/index.php, possibly related to the XoopsPageNav class; or 3 an avatar image...
runcms-sqlids.txt
// / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / // / exploit get hash of admin password / / / / Exploit is invisible for / / RUNCMS sql injection detecting mechanism / // // / tested on RUNCMS english version 1.6 / // // / Date of Public EXPLOIT: December 25, 2007 / / Written by:...
runcms-sql.txt
// / RUNCMS 1.6 BLIND SQL Injection Exploit get Admin Cookie / // / exploit get admin cookie that can be used / / to login by pasting it into browser Opera / / and then get access to Admin session / / and change Admins password / / / // // / tested on RUNCMS english version 1.6 / // // / Date of...
Blakord Portal <= Beta 1.3.A (all modules) Blind Sql Injection
Blakord Portal = Beta 1.3.A all modules Blind Sql Injection. + Info: Software: Blakord Portal HomePage: http://www.cdv3k.com Exploit: Blind Sql Injection High Where: All Modules Bug Found By: JosS / Jose Luis Gуngora Fernбndez Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com...
Blakord Portal <= Beta 1.3.A (all modules) SQL Injection Vulnerability
No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Blakord Portal = Beta 1.3.A all modules Blind Sql Injection +==-- --==+===================================================================================+==-- +...
Blakord Portal Beta 1.3.A (All Modules) - SQL Injection
Blakord Portal Beta 1.3.A All Modules - SQL Injection --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Blakord Portal = 0 Exploit2: http://localhost/path/any module?id=1 and exists select from TABLE Example: http://localhost/path/any module?id=1 A...
RunCMS 1.6 Remote Blind SQL Injection Exploit (IDS evasion)
No description provided by source. // / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / // / exploit get hash of admin password / / / / Exploit is invisible for / / RUNCMS sql injection detecting mechanism / // // / tested on RUNCMS english version 1.6 / // // / Date of Public&...
RunCMS 1.6 Remote Blind SQL Injection Exploit (IDS evasion)
Exploit for unknown platform in category web applications =========================================================== RunCMS 1.6 Remote Blind SQL Injection Exploit IDS evasion =========================================================== // / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / /...
FreeBSD : gallery2 -- multiple vulnerabilities (4aab7bcd-b294-11dc-a6f0-00a0cce0781e)
The Gallery team reports : Gallery 2.2.4 addresses the following security vulnerabilities : - Publish XP module - Fixed unauthorized album creation and file uploads. - URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...
RunCMS 1.6 - Blind SQL Injection (IDS Evasion)
// / RUNCMS 1.6 BLIND SQL Injection Exploit + IDS evasion / // / exploit get hash of admin password / / / / Exploit is invisible for / / RUNCMS sql injection detecting mechanism / // // / tested on RUNCMS english version 1.6 / // // / Date of Public EXPLOIT: December 25, 2007 / / Written by:...
Analysis of Linux Backdoor techniques and practices-the vulnerability of early warning-the black bar safety net
| | Page 1 of: analysis of the Linux Backdoor technique and practice methods --- | --- The back door introduction The intruder complete control of the system, to facilitate the next time you enter and use a technology. Generally by modifying system configuration files and installation of...
gallery2 -- multiple vulnerabilities
The Gallery team reports: Gallery 2.2.4 addresses the following security vulnerabilities: Publish XP module - Fixed unauthorized album creation and file uploads. URL rewrite module - Fixed local file inclusion vulnerability in unsecured admin controller and information disclosure in hotlink...
kernel security update
CentOS Errata and Security Advisory CESA-2007:1104 Updated kernel packages that fix various security issues and several bugs in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix various security issues and several bugs in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...
CVE-2007-6310
Multiple cross-site scripting XSS vulnerabilities in Falt4Extreme RC4 10.9.2007 allow remote attackers to inject arbitrary web script or HTML via the handler parameter to 1 index.php and possibly 2 admin/index.php, and 3 the topic parameter to modules/feed/feed.php aka modules/feed.php...
[SECURITY] Fedora 7 Update: eggdrop-1.6.18-12.fc7
Eggdrop is the world's most popular Open Source IRC bot, designed for flexibility and ease of use. It is extendable with Tcl scripts and/or C modules, has support for the big five IRC networks and is able to form botnets, share partylines and userfiles between bots...
CVE-2007-6299
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomyselectnodes function, as demonstrated by the 1 taxonomymenu, 2 ajaxLoader, and 3 ubrowser...
CVE-2007-6299
Multiple SQL injection vulnerabilities in Drupal and vbDrupal 4.7.x before 4.7.9 and 5.x before 5.4 allow remote attackers to execute arbitrary SQL commands via modules that pass input to the taxonomyselectnodes function, as demonstrated by the 1 taxonomymenu, 2 ajaxLoader, and 3 ubrowser...