21 matches found
myBloggie <= 2.1.4 (trackback.php) Multiple SQL Injections Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyBloggie = 2.1.4 trackback.php multiple SQL injections vulnerability /\n; echo administrative credentials disclosure exploit\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n\n; / works...
FlexBB <= 0.6.3 Cookies Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = UnderWHAT?! ; $mw-geometry '420x343' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'FlexBB =...
Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit
No description provided by source. ?php printr' ----------------------------------------------------------------------------- Docebo Suite = 3.5.0.3 lib.regset.php/non-blind SQL injection exploit by rgod bug found by EgiX working with Mysql = 4.1 PHP 5.X needed by Docebo regardless of php.ini...
Web Wiz Forums 9.68 SQLi Vulnerability
No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...
exV2 <= 2.0.4.3 - (sort) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ------------------------------------------------------------------------------- exV2 = 2.0.4.3 sort SQL injection / administrative credentials disclosure exploit mail: [email protected] site:...
MYSQL UDF - Can't open shared library studies-vulnerability and early warning-the black bar safety net
Ninty 's blog mysqlin support of the UDF extension, so that we can call the DLL inside the function to achieve some special features. But for the UDF specific limits, MYSQL versions are different. The following recording: I heard, just heard, didn't do testing on MYSQL 4.1 previously, can be all...
glFusion <= 1.1.2 COM_applyFilter()/order sql injection exploit
?php / glFusion = 1.1.2 COMapplyFilter/order sql injection exploit by Nine:Situations:Group::bookoo working against Mysql = 4.1 php.ini independent our site: http://retrogod.altervista.org/ software site: http://www.glfusion.org/ google dork: "Page created in" "seconds by glFusion" +RSS...
Discuz! 6.0.1 - searchid SQL Injection
Discuz! 6.0.1 - searchid SQL Injection =5 & mysql=4.1 BY james +------------------------------------------------------------------+ "; if$argc4 $host=$argv1; $port=$argv2; $path=$argv3; $uid=$argv4; else echo "Usage: php ".$argv0." host port path uid\n"; echo "host: target server \n"; echo "port:...
Seditio CMS 121 - SQL Injection
Seditio CMS 121 - SQL Injection = 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific user id default 1\n\n"; echo "examples:\n"; echo "php $argv0 http://site.com/ -p=cms\n...
Seditio CMS <= 121 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================== Seditio CMS = 4.1, magicquotesgpc=Off echo "------------------------------------------------------------\n"; echo "Seditio CMS - use specific prefix default sed\n"; echo "-id= - use specific...
Vanilla 1.1.3 - Blind SQL Injection
= 4.1, magicquotesgpc=Off Tested on versions 1.1.3, 1.1.2, 1.0.1 echo "------------------------------------------------------------\n"; echo "Vanilla - use specific prefix default LUM\n"; echo "-id= - use specific user id default 1\n"; echo "-c= - benchmark's loop count default 300000\n"; echo "-...
MyBulletinBoard (MyBB) <= 1.2.2 (CLIENT-IP) SQL Injection Exploit
No description provided by source. !/usr/bin/perl LOGO Mybb = 1.2.2 Remote SQL Injecton Exploit v.2.0 uused: SQL CLIENTIP vulnerability !need: Mysql = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments ОпиÑание: Работа ÑкÑплойта...
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL Injection
Woltlab Burning Board Lite 1.0.2pl3e - pms.php SQL Injection = 4.1 / if $argc6 printr' ------------------------------------------------------------------------------- Usage: php '.$argv0.' host path user pass action OPTIONS host: target server ip/hostname path: path to wbblite user/pass: valid us...
[SECURITY] [DSA 1092-1] New MySQL 4.1 packages fix SQL injection
-------------------------------------------------------------------------- Debian Security Advisory DSA 1092-1 [email protected] http://www.debian.org/security/ Martin Schulze June 8th, 2006 http://www.debian.org/security/faq -...
Mandrake Linux Security Advisory : MySQL (MDKSA-2006:097)
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...
CVE-2006-2753
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 and 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysqlrealescape function is...
MySQL 4.1.18/5.0.20 - Local/Remote Information Leakage
/ April 21.st 2006 myanondbleak.c MySql Anonimous Login Memory Leak MySql / we need MSGWAITALL - that's why this ugly ifdef, why doesn't glibc2 have MSGWAITALL in its ?? / ifdef linux include else include endif include include include include include include include include include include includ...
USN-180-2: MySQL 4.1 vulnerability
USN-180-1 fixed a vulnerability in the mysql-server package which ships version 4.0. Version 4.1 is vulnerable against the same flaw. Please note that this package is not officially supported in Ubuntu 5.10. Origial advisory: "AppSecInc Team SHATTER discovered a buffer overflow in the "CREATE...
Mambo 4.5.2.1 - SQL Injection
Mambo 4.5.2.1 - SQL Injection !/usr/bin/perl Mambo 4.1 sql injection exploit by RST/GHC coded by 1dt.w0lf , 21.06.05 http://rst.void.ru , http://ghc.ru use IO::Socket; if @ARGV 0 print qq\b\b DONE --------------------------------------------------------------- USER ID : $memberid HASH : $allchar...
MercuryBoard 1.1.4 - SQL Injection
MercuryBoard 1.1.4 - SQL Injection !/usr/bin/perl MercuryBoard 4.1 sql injection exploit by RST/GHC note: you need first register on forum for get id and login after what logout from forum and run exploit note2: edit timestamp in sources if exploit not work ; coded by 1dt.w0lf RST/GHC -...