EUVD-2007-3111

Malware in sbrugna...

EUVD-2007-2884

Malware in sbrugna...

Shop7z v2.9 News.asp 文件 l_id 参数 SQL注入漏洞

No description provided by source...

shop7z 注入漏洞2

简要描述： shop7z 注入漏洞2 详细说明： News.asp 漏洞证明： 测试 192.168.236.131/news.asp?lid=1' http://www.shop7z.com/Demo/news.asp?lid=1%27...

Quantum Art QP7.Enterprise news.asp p_news_id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/16022/info QP7.Enterprise is prone to multiple SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful...

Prominent Technologies CMS SQL Injection

Exploit Title : prominenttech Cms Sql Injection Vulnerabilitiy Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://www.prominenttech.com Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork : "Powered by...

RaksoCT SQL Injection

Title : RaksoCT Web Design Vulnerable to Multiples SQL Injection Web : http://raksoct.com/ Found By : p0pc0rn 25/02/2011 Blind SQL ---------- 1 - Parameter gallerydetails.asp?aid=Blind SQL POC --- http://site.com//gallerydetails.asp?aid=12' and '1'='1 TRUE...

DibiWeb (News.asp) SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================== DibiWeb News.asp SQL Injection Vulnerability ============================================== Exploit Title: DibiWeb News.asp SQL Injection Vulnerability Software Site: http://www.dibiweb.it/ CVE :...

ArticleLive (Interspire Website Publisher) - SQL Injection

ArticleLive Interspire Website Publisher - SQL Injection Author : ra3ch Product : ArticleLive Interspire Website Publisher Price : N/A Site : www.dz4all.com/cc Dork : "Website by Spokane Web Communications" Risk : High Vulnerable script: news.asp?id= SQL-injection...

Unfixed XSS vulnerability at www.sunway.com.my

Security researcher DerickTham, has submitted on 18/12/2007 a cross-site-scripting XSS vulnerability affecting www.sunway.com.my, which at the time of submission ranked 87836 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/01/2008. It is...

Sql injection

SQL injection vulnerability in news.asp in Kartli Alisveris Sistemi aka Free-PayPal-Shopping-Cart 1.0 allows remote attackers to execute arbitrary SQL commands via the newsid parameter...

CVE-2007-3119

CVE-2007-3119 describes a SQL injection vulnerability in the News feature (news.asp) of Kartli Alisveris Sistemi (aka Free-PayPal-Shopping-Cart) version 1.0. The flaw allows an attacker to craft the news_id parameter to execute arbitrary SQL commands on the backend database. The description expli...

CVE-2007-2892

CVE-2007-2892 affects ASP-Nuke 2.0.7, specifically the news.asp module. The vulnerability is a cross-site scripting (XSS) flaw that allows a remote attacker to inject arbitrary web script or HTML via the id parameter. The provided sources describe the impact as allowing script injection but do no...

CVE-2007-2892

Cross-site scripting XSS vulnerability in news.asp in ASP-Nuke 2.0.7 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

MiniNukeSQL.txt

--Security Report-- Advisory: MiniNuke CMS System http://site/news.asp?Action=Print&hid=SQLQuery http://www.miniex.net/news.asp?Action=Print&hid=66%20union+select+0,sifre,0,0,0,0,0,0,0,0+from+members+where+uyeid=52 Columns of MEMBERS: uyeid = userid sifre = md5 password hash gsoru = secret...

MiniNuke <= 1.8.2 (news.asp hid) SQL Injection Exploit

Exploit for unknown platform in category web applications ====================================================== MiniNuke new Proto = "tcp", PeerAddr = $proxyAddr?"$proxyAddr":"$serv", PeerPort = $proxyPort?"$proxyPort":"80" || die "can't connect to: $serv\n";...

MiniNuke &lt;= 1.8.2 (news.asp hid) SQL Injection Exploit

No description provided by source. !/usr/bin/perl MiniNuke www.miniex.net Version: = 1.8.2 SQL-injection exploit. This exploit uses the vulnerability discovered by [email protected]. Exploit uses SQl-injection to give you the hash from user with chosen id. DetMyl, 2006 [email protected] use IO::Socket...