NewsLetter MX 1.0.2 - ID SQL Injection

NewsLetter MX 1.0.2 - ID SQL Injection !/usr/bin/perl Script Name: Newsletter MX : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User : "; $ID = ; chop $ID; if $ID = /exit/ print "--...

Newsletter MX <= 1.0.2 (ID) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================== Newsletter MX : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User : "...

NewsLetter MX 1.0.2 - &#039;ID&#039; SQL Injection

!/usr/bin/perl Script Name: Newsletter MX : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User : "; $ID = ; chop $ID; if $ID = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit;...

Calendar MX BASIC &lt;= 1.0.2 (ID) Remote SQL Injection Vulnerability

No description provided by source. Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...

Calendar MX BASIC 1.0.2 - ID SQL Injection

Calendar MX BASIC 1.0.2 - ID SQL Injection Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...

Calendar MX BASIC 1.0.2 - &#039;ID&#039; SQL Injection

Title : Calendar MX BASIC = 1.0.2 ID Remote SQL Injection Vulnerability Author : ajann Contact : : $$ : Free SQL--------------------------------------------------------- http://target/path//calendardetail.asp?ID=SQL Example:...

mxbb module charts 1.0.0 - Remote File Inclusion

mxbb module charts 1.0.0 - Remote File Inclusion Title : mxBB Module Charts = 1.0.0modulerootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com ERROR------------------------------------------------------ .... .. include$modulerootpath...

mxBB Module WebLinks 2.05 - Remote File Inclusion

mxBB Module WebLinks 2.05 - Remote File Inclusion Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce...

mxBB Module WebLinks <= 2.05 Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications =========================================================== mxBB Module WebLinks = 2.05 Remote Inclusion Vulnerability =========================================================== Title : mxBB Module WebLinks = 2.05mxrootpath Remote File...

mxBB Module WebLinks 2.05 - Remote File Inclusion

Title : mxBB Module WebLinks = 2.05mxrootpath Remote File Include Vulnerability Author : ajann Contact : : S.Page : http://www.mx-system.com Dork : /modules/mxlinks/ ERROR------------------------------------------------------ .... .. includeonce $mxrootpath...

CVE-2006-6483

Affected software : Adobe ColdFusion MX 7.x before 7.0.2. Vulnerability : improper sanitization of HTML tags when mitigating XSS, allowing a NULL byte (%00) in certain tags to bypass filters and inject arbitrary web script or HTML. Impact : remote attacker could execute script in the context of t...

CVE-2006-6295

PHP remote file inclusion vulnerability in includes/mxcommon.php in the mxtinies 1.3.0 Module for MxBB Portal 1.06 allows remote attackers to execute arbitrary PHP code via a URL in the modulerootpath parameter...

mxBB Module calsnails 1.06 - &#039;mx_common.php&#039; File Inclusion

mxBB calsnails module 1.06 Remote File Inclusion Vulnerability Bugfounder: bd0rk || SOH-Crew Website: www.soh-crew.it.tt Gr33tings: nukedx, DeeJay, TheJT, str0ke Mod-Download: http://www.mx-system.com/modules/mxpafiledb/dload.php?action=download&fileid=21 Vulnerable Code: includeonce$modulerootpa...

MX Smartor Album Module Remote File Include

MX Smartor Album Module Remote File Include Discovered by Paul Bakoyiannis winsec ------------------------------------------------- Vulnerable Code: if $mode == 'albumcat' include$modulerootpath. 'includes/albumcat.'.$phpEx; the rest of the vulnerable code removed for brevity Vulnerability:...

ColdFusion MX Remote Development Service Exploit

No description provided by source. !/usr/bin/perl RDScDump.pl By angry packet THIS IS AN UNPATCHED VULNERABILITY - THIS IS AN UNPATCHED VULNERABILITY ColdFusion 6 MX Server does several things in order to get remote dir structure so we will need to recreate these functions. This is a "almost"...

CVE-2006-3978

The CVE-2006-3978 entry covers an unspecified vulnerability in a Verity third‑party library used by Adobe ColdFusion MX 7 through MX 7.0.2 (and possibly other products). The vulnerability is described as allowing local users to execute arbitrary code via unknown attack vectors, i.e., a local priv...

CVE-2006-4725

Adobe ColdFusion MX 7 and 7.01 are affected by an issue that allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates located outside the sandbox. Affected product: ColdFusion MX 7/7.01. Underlying cause: sandbox bypass enabling access to C...

CVE-2006-4725

Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components CFC within a sandbox from CFML templates that are located outside of the sandbox...

CVE-2006-3979

The AdminAPI of ColdFusion MX 7 allows attackers to bypass authentication by using "programmatic access" to the adminAPI instead of the ColdFusion Administrator...

CVE-2006-3979

CVE-2006-3979 affects ColdFusion MX 7 AdminAPI, where attackers can bypass authentication by using programmatic access to the adminAPI instead of the ColdFusion Administrator. The NVD entry assigns a CVSSv2 base score of 7.2 (HIGH) with local attack vector, low attack complexity, no authenticatio...