89 matches found
AlienVault OSSIM ws_data SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ossim-framework service. The issue lies in the handling of the wsdata parameter d...
Eclipse.org SQL Injection
Vulnerability: Eclipse.org Error Based SQL Injection Authors: Shahmeer Amir And Rafay Baloch Company: RHA INFOSEC Website: http://services.rafayhackingarticles.net Url...
phpDealerLocator SQL Injection
Exploit Title: phpDealerLocator - Multiple SQL Injection vulnerabilities Date: 7/3/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: phpdealerlocator.yourphppro.com Tested on: Linux/Windows 7 Vulnerable Parameters: record.php?DealerID= recordcountry.php?DealerID=...
Lessons Learned From the LizaMoon SQL Injection Attack
Last week, a large scale SQL Injection attack dubbed LizaMoon, referencing one of the domain names used in the attack, surfaced. This attack targets websites by injecting code that redirects visitors to a rogue anti-virus AV site. While on the AV site, visitors are presented with fake antivirus...
Kunena SQL Injection Vulnerability & Information Leakage
Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...
Kunena SQL Injection
Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...
Kunena < 1.5.13 / < 1.6.3 - SQL Injection
Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...
Kunena 1.5.13 1.6.3 - SQL Injection
Kunena 1.5.13 1.6.3 - SQL Injection Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids...
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass SQL Injection Persistent Cross-Site Scripting on FrontPage
OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass SQL Injection Persistent Cross-Site Scripting on FrontPage Author:Michael Brooks Rook Application:OpenClassifieds 1.7.0.3 download: http://open-classifieds.com/download/ Exploit chain:captcha bypass-sqliinsert-persistant xss on front page If...