Lucene search
K

64 matches found

myhack58
myhack58
added 2009/09/24 12:0 a.m.19 views

dedecms injection vulnerability affecting version 5. 3 – 5.5 Posted in php-vulnerability warning-the black bar safety net

Excerpt from: hacking notes dedecms5. 3 and 5. The 5-Series version, there is a major injection vulnerability, Please note the following offensive, only for research. Exploit this vulnerability to illegal activities, at your peril. Suppose domain name is: www. abc. com the attack steps are as...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2009/03/26 12:0 a.m.21 views

Acute Control Panel 1.0.0 RFI / SQL Injection

Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- -----------------------------------------------------------...

0.6AI score
Exploits0
FreeBSD
FreeBSD
added 2008/04/22 12:0 a.m.31 views

serendipity -- multiple cross site scripting vulnerabilities

Hanno Boeck reports: The installer of serendipity 1.3 has various Cross Site Scripting issues. This is considered low priority, as attack scenarios are very unlikely. Various path fields are not escaped properly, thus filling them with javascript code will lead to XSS. MySQL error messages are no...

4.3CVSS6.5AI score0.04501EPSS
Exploits3References3
Exploit DB
Exploit DB
added 2008/02/20 12:0 a.m.39 views

Woltlab Burning Board 3.0.x - Blind SQL Injection

$char,BENCHMARK3000000,MD523,1"; // Edit 3000000 if the stuff doesn't work or taking long times. / Place here youre autologin cookie / $cookie = "wcfcookieHash=; wcfboardLastActivityTime=; wcfuserID=; wcfpassword=;"; $starttime = time; $connection = fsockopen$host, 80; fputs$connection, "GET:...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/11/28 12:0 a.m.17 views

Eurologon CMS Multiple Remote SQL Injection Vulnerabilities

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/06/25 12:0 a.m.16 views

Pharmacy System 2.0 (index.php ID) Remote SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==-- AUTHOR:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/06/24 12:0 a.m.15 views

Pharmacy System 2.0 - index.php?ID SQL Injection

Pharmacy System 2.0 - index.php?ID SQL Injection --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==...

0.2AI score
Exploits0
0day.today
0day.today
added 2007/06/22 12:0 a.m.35 views

NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== NetClassifieds SQL/XSS/Full Path Multiple Remote Vulnerabilities ================================================================== Application: NetClassifieds: -Free Editi...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/06/20 12:0 a.m.63 views

LiveCMS 3.4 - categoria.php?cid SQL Injection

LiveCMS 3.4 - categoria.php?cid SQL Injection !/usr/bin/perl / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title LiveCMS = 3.4 SQL Injection, Absolute Path Disclosure, XSS Injection, Arbitrary File...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2007/04/12 12:0 a.m.37 views

MyBulletinBoard (MyBB) 1.2.2 - CLIENT-IP SQL Injection

MyBulletinBoard MyBB 1.2.2 - CLIENT-IP SQL Injection !/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments Описание: Работа эксплойта основана на sql-инъекции в HTTPCLIENTIP...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/02/26 12:0 a.m.113 views

sitex multiple vulnerabilities

global risk:critical upload vulnerability: in user profile upload an avatar with a double extension like : file.php.jpg once it's done,you gone get an error like:Fatal error: Call to undefined function imagedestroy in /. but the last extension jpg will be removed by the script, and stored in :...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2006/06/26 12:0 a.m.35 views

v3chatIM.txt

V3 Chat Instant Messenger http://www.v3chat.com/ Affected files: /mail/index.php /mail/reply.php isonline.php online.php profile.php profileview.php search.php mycontacts.php expire.php Editing your profile: - input boxes ------------------------------------------ Mail Vulnerabilities: Full path...

7.4AI score
Exploits0
Prion
Prion
added 2006/03/09 1:6 p.m.15 views

Design/Logic Flaw

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...

5CVSS6.6AI score0.03127EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2006/03/09 1:6 p.m.12 views

Sql injection

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "/" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection...

7.5CVSS7.9AI score0.01154EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2006/03/09 1:6 p.m.14 views

CVE-2006-1112

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...

5CVSS6AI score0.03127EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/03/09 11:0 a.m.21 views

CVE-2006-1112

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message...

6AI score0.03127EPSS
Exploits1References5
Cvelist
Cvelist
added 2006/03/09 11:0 a.m.18 views

CVE-2006-1111

Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "/" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection...

7.1AI score0.01154EPSS
Exploits1References5
securityvulns
securityvulns
added 2006/03/03 12:0 a.m.23 views

AZTEK forums 4.0 multiple vulnerabilities (PoC)

/==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message including the following line:...

Exploits0
exploitpack
exploitpack
added 2006/03/02 12:0 a.m.10 views

Aztek Forum 4.00 - Cross-Site Scripting SQL Injection

Aztek Forum 4.00 - Cross-Site Scripting SQL Injection /==========================================/ // AZTEK forums 4.0 multiple vulnerabilities PoC // Product: AZTEK forums // URL: http://www.forum-aztek.com/ // RISK: high /==========================================/ PoC 1- XSS - Post a message...

0.6AI score
Exploits0
0day.today
0day.today
added 2006/03/02 12:0 a.m.107 views

Aztek Forum 4.00 (XSS/SQL) Multiple Vulnerabilities (PoC)

Exploit for unknown platform in category web applications ========================================================= Aztek Forum 4.00 XSS/SQL Multiple Vulnerabilities PoC ========================================================= /==========================================/ // AZTEK forums 4.0...

7.1AI score
Exploits0
Rows per page
Query Builder