Lucene search
K

89 matches found

Zero Day Initiative
Zero Day Initiative
added 2014/08/01 12:0 a.m.27 views

AlienVault OSSIM ws_data SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ossim-framework service. The issue lies in the handling of the wsdata parameter d...

7.5CVSS7.5AI score0.01264EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2013/11/15 12:0 a.m.27 views

Eclipse.org SQL Injection

Vulnerability: Eclipse.org Error Based SQL Injection Authors: Shahmeer Amir And Rafay Baloch Company: RHA INFOSEC Website: http://services.rafayhackingarticles.net Url...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2011/07/03 12:0 a.m.29 views

phpDealerLocator SQL Injection

Exploit Title: phpDealerLocator - Multiple SQL Injection vulnerabilities Date: 7/3/2011 Author: Robert Cooper adminatwebsiteauditing.org Software Link: phpdealerlocator.yourphppro.com Tested on: Linux/Windows 7 Vulnerable Parameters: record.php?DealerID= recordcountry.php?DealerID=...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2011/04/05 2:41 p.m.10 views

Lessons Learned From the LizaMoon SQL Injection Attack

Last week, a large scale SQL Injection attack dubbed LizaMoon, referencing one of the domain names used in the attack, surfaced. This attack targets websites by injecting code that redirects visitors to a rogue anti-virus AV site. While on the AV site, visitors are presented with fake antivirus...

8.2AI score
Exploits0References2
securityvulns
securityvulns
added 2011/02/14 12:0 a.m.72 views

Kunena SQL Injection Vulnerability & Information Leakage

Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2011/02/11 12:0 a.m.20 views

Kunena SQL Injection

Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/02/11 12:0 a.m.21 views

Kunena < 1.5.13 / < 1.6.3 - SQL Injection

Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids parameter on the advanced search page, ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2011/02/11 12:0 a.m.11 views

Kunena 1.5.13 1.6.3 - SQL Injection

Kunena 1.5.13 1.6.3 - SQL Injection Vendor/Product: Kunena Vulnerable Versions: 1.5.14; 1.6.3 Vulnerability Type: SQL Injection & information leakage Risk level: High Vulnerability Details: Because parameterized queries were not used, and adequate input sanitization was not done on the catids...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2010/12/28 12:0 a.m.31 views

OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass SQL Injection Persistent Cross-Site Scripting on FrontPage

OpenClassifieds 1.7.0.3 - Chained: Captcha Bypass SQL Injection Persistent Cross-Site Scripting on FrontPage Author:Michael Brooks Rook Application:OpenClassifieds 1.7.0.3 download: http://open-classifieds.com/download/ Exploit chain:captcha bypass-sqliinsert-persistant xss on front page If...

0.5AI score
Exploits0
Rows per page
Query Builder