70 matches found
phpLiteAdmin v1.X.X Auth Bypass/Download DB vulnerabilities
Exploit for php platform in category web applications X-------------------------------------------------------------X | | | | | \ | | / | |/ \ | \ | | / \ \ / / \ | \ | | | | | | | | | | \ --. | | / /\ | | | | / /\ V /| |/ / | | |/ / | | | | | | . | | | --. \ | | | || . | | | \ / | \ || / | | |...
phpLiteAdmin 'table' 参数SQL注入漏洞
BUGTRAQ ID: 57431 phpLiteAdmin 是基于 web 的 SQLite 数据库管理工具,支持 SQLite2 和 SQLite3 PHP 。 phpLiteAdmin 1.8.x、1.9.x在没有正确验证phpliteadmin.php内'table'参数值的合法性,在实现上存在SQL注入漏洞,成功利用后可允许攻击者执行未授权数据库操作。 0 phpLiteAdmin 1.9.x phpLiteAdmin 1.8.x 厂商补丁: phpLiteAdmin ------------...
phpLiteAdmin 'phpliteadmin.php'远程PHP代码注入漏洞
phpLiteAdmin是一款基于web的SQLite数据库管理工具 phpLiteAdmin 'phpliteadmin.php'创建新数据库时不正确过滤用户提交的数据,允许攻击者利用漏洞注入恶意文件,并以WEB权限执行 0 phpLiteAdmin =1.9.3 厂商解决方案 目前没有详细解决方案提供: http://code.google.com/p/phpliteadmin/...
phpLiteAdmin - 'table' SQL Injection
source: https://www.securityfocus.com/bid/57431/info phpLiteAdmin is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
phpLiteAdmin - table SQL Injection
phpLiteAdmin - table SQL Injection source: https://www.securityfocus.com/bid/57431/info phpLiteAdmin is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting this issue could allow an attacker to compromise th...
phpLiteAdmin 1.8.x / 1.9.x SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
phpLiteAdmin v1.8.x->1.9.x (SQLi/FD) <= Multiple Vulnerabilities
phpLiteAdmin is suffer from multiple vulnerabilities / bugs in v1.8.x to- 1.9.x , the attacker can use some bug in the Script to inject some remote SQL command/code , and Disclosure the Full Path. Bugs : Authentication Bypass SQL Injection/Exec Full Path Disclosure...
phpliteadmin <= 1.9.3 Remote PHP Code Injection Vulnerability
PHP Lite Admin versions 1.9.3 and below suffer from a PHP code injection vulnerability. Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it...
PHPLiteAdmin 1.9.3 - Remote PHP Code Injection
Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in the directory you specified as the $directory...
PHPLiteAdmin 1.9.3 - Remote PHP Code Injection
PHPLiteAdmin 1.9.3 - Remote PHP Code Injection Exploit Title: phpliteadmin phpliteadmin.php1785: 'When you create a new database, the name you entered will be appended with the appropriate file extension .db, .db3, .sqlite, etc. if you do not include it yourself. The database will be created in t...