Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Vulnerability

Exploit for php platform in category web applications Exploit Title: Web Based Online Hotel Booking System 0.1.0 - Authentication Bypass Exploit Author: KeopssGroup0day,Inc Vendor Homepage: https://github.com/mrzulkarnine/Web-based-hotel-booking-system Software Link:...

TopicsViewer 3.0 Beta 1 SQL Injection

TopicsViewer v3.0 Beta 1 - Multiple Sql Injection Vulnerabilty =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://www.topicsviewer.com/...

Easy POS System SQL Injection

Exploit: Easy POS System - SQL Injection + Author: vinicius777 + Contact: vinicius777 AT gmail @vinicius777 + Vendor Homepage: http://sourceforge.net/projects/easypossystem/ 1 Sql Injection POST Time Based Blind Note: Time based Injection on POST requests using burp, as output indicated. You...

RTTucson Quotations Database Script - Authentication Bypass

RTTucson Quotations Database Script - Authentication Bypass RTTucson Quotations Database Script Auth Bypass SQL Injection Vulnerability By cr4wl3r http://bastardlabs.info Script: http://www.rttucson.com/files.html Bugs found /quotations/admin/include/login.php --------------------------- 36 if...

Filmis 0.2 Beta Cross Site Scripting / SQL Injection

=================================================================================== Filmis - Version 0.2 Beta SQL Injection and XSS Vulnerabilities =================================================================================== Exploit Title: Filmis - Version 0.2 Beta SQL Injection and XSS...

WordPress Plugin Couponer 1.2 - SQL Injection

Exploit Title: WordPress Couponer plugin = 1.2 SQL Injection Vulnerability Date: 2011-08-31 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/couponer.zip Version: 1.2 tested Note: magicquotes has to be turned off --- PoC ---...

BPanel <= 2.8 BETA2 SE XSS / SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== BPanel Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered By :...

GDL 4.x (node) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================= GDL 4.x node Remote SQL Injection Vulnerability ================================================= Discovered by g4t3w4y transitory only...

Butterfly Organizer 2.0.1 (view.php id) SQL Injection Vulnerability

No description provided by source. 0x01 Informations: Name : Butterfly Organizer 2.0.1 Sql Injection Download : http://www.hotscripts.com/jump.php?listingid=72677&jumptype=1 Vulnerability : Remote Sql Injection Author : Osirys Contact : osirysatlivedotit Notes : Proud to be Italian : Same bug of...

faqmanager-sql.txt

+---------------------------------------------------------------------------------------+ | | | FAQ Manager 1.2 categorie.php catid Remote SQL Injection Vulnerability | | Bug found by cOndemned | | | | Script site : http://www.4yoursite.nl/scriptfaqmanager.php | | | | Greetz: ZaBeaTy, str0ke,...

mystats-multi.txt

myStats hits.php Multiple Remote Vulnerabilities Exploit url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk. Author will be not responsible for...

myStats (hits.php) Multiple Remote Vulnerabilities Exploit

Exploit for unknown platform in category web applications ========================================================== myStats hits.php Multiple Remote Vulnerabilities Exploit ========================================================== myStats hits.php Multiple Remote Vulnerabilities Exploit url:...

mystats - hits.php Multiple Vulnerabilities

mystats - hits.php Multiple Vulnerabilities myStats hits.php Multiple Remote Vulnerabilities Exploit url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your...

ktools-sql.txt

'/ -.- -------------------------oOO------OOo------------------------- | Ktools Photostore = v3.5.2 crumbs.php Remote SQL Injection | | works only with magic quotes = off | | coded by DNX | ----------------------------------------------------------------- ! Discovered.: DNX ! Vendor.....:...

auracms-blindsql.txt

!/usr/bin/perl -w Indonesian Newhack Security Advisory ------------------------------------ AuraCMS 2.x online.php - Remote Blind SQL Injection Exploit Waktu : Feb 15 2008 01:00PM Software : AuraCMS Versi : 2.0 2.1 2.2.1 Vendor : http://www.auracms.org/ ------------------------------------ Audit...

Battle.net Clan Script for PHP 1.5.1 - SQL Injection

Battle.net Clan Script for PHP 1.5.1 - SQL Injection script : Battle.net Clan Script 1.5 file : login.php attack : injection sql auteur : h a c k e r X code : ------------------------------------------------------------------------------------------ line 9 -- $user = $POST'user'; line 10-- $pass ...

ig shop 1.0 - Code Execution SQL Injection

ig shop 1.0 - Code Execution SQL Injection "If eval is the answer, then you are asking the wrong question." --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval "cart$action;";...

Query: BID 6273: PortailPhp SQL Injection Vulnerability.

Hi, Posting on vuln-dev too since this has a generic PHP-MySQL SQL Injection Vuln question as well. I was working on this vulnerability. I came across the following advisory on SecurityFocus-BugTraq: http://online.securityfocus.com/archive/1/301572 I find that Php's mysqlquery only allows one SQL...