PHPLive 4.4.8 < 4.5.4 - Password Recovery SQL Injection

Exploit for php platform in category web applications !/bin/env python Exploit title: Password Recovery Sql Injection Exploit Author: Tiago Carvalho Vendor Homepage: http://www.phplivesupport.com/?plk=osicodes-5-ykq-m Version : 4.4.8 - 4.5.4 Product Name: Phplive Tested on: Debian \ Kali linux...

PHPLive 4.4.8 &lt; 4.5.4 - Password Recovery SQL Injection

!/bin/env python Exploit title: Password Recovery Sql Injection Exploit Author: Tiago Carvalho Vendor Homepage: http://www.phplivesupport.com/?plk=osicodes-5-ykq-m Version : 4.4.8 - 4.5.4 Product Name: Phplive Tested on: Debian \ Kali linux 2016-1 """ Their are multiple sql injection...

PHPLive 4.4.8 4.5.4 - Password Recovery SQL Injection

PHPLive 4.4.8 4.5.4 - Password Recovery SQL Injection !/bin/env python Exploit title: Password Recovery Sql Injection Exploit Author: Tiago Carvalho Vendor Homepage: http://www.phplivesupport.com/?plk=osicodes-5-ykq-m Version : 4.4.8 - 4.5.4 Product Name: Phplive Tested on: Debian \ Kali linux...

crminmobiliario.com XSS vulnerability

Vulnerable URL: http://www.crminmobiliario.com/phplive/request.php?l=CRMNew=1=0=%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 81172...

PHPLive! 3.2.2 'request.php' SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35718/info PHPLive! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

phpscripte24 Live Shopping Multi Portal System SQL Injection Vuln

Exploit for php platform in category web applications ========================================================================== phpscripte24 Live Shopping Multi Portal System SQL Injection Vulnerability ==========================================================================...

PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl Original discover author banner PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN...

PHP Live! 3.2.2 Blind SQL Injection

!/usr/bin/perl Original discover author banner PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN Keep my head up high for that flag i...

PHPLive 3.2.1/2 Blind SQL Injection

PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN Keep my head up high for that flag i die. Im proud to be an ALBANIAN Author :...

PHP Live! 3.2.12 - x Blind SQL Injection

PHP Live! 3.2.12 - x Blind SQL Injection PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN Keep my head up high for that flag i die...

PHP Live! 3.2.1/2 - &#039;x&#039; Blind SQL Injection

PhpLive 3.2.1/2 x Blind SQL injection -X | |/ / || |/ | / | \ \ \ / / | \ / / \ | ' | | || | / | \ // / / / | , / ||\|||| ||| // // / // Red n'black i dress eagle on my chest. It's good to be an ALBANIAN Keep my head up high for that flag i die. Im proud to be an ALBANIAN Author :...

PHPLive! 3.2.2 - request.php SQL Injection

PHPLive! 3.2.2 - request.php SQL Injection source: https://www.securityfocus.com/bid/35718/info PHPLive! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

PHPLive! 3.2.2 - &#039;request.php&#039; SQL Injection

source: https://www.securityfocus.com/bid/35718/info PHPLive! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

[Full-disclosure] PHPLive ALL VERSION: RFI + XSS

There are numerous XSS vulnerabilities in PHPLive v3.2.2 Maybe others /phplive/chat.php?sid=scriptalert123;/script /phplive/help.php?LANGDEFAULTBRANDING=scriptalert123;/script /phplive/help.php?PHPLIVEVERSION=scriptalert123;/script /phplive/admin/header.php?adminname=scriptalert123;/script...

CVE-2006-6769

CVE-2006-6769 applies to PHP Live! 3.2.2 and earlier, with multiple XSS flaws. Vulnerable components/files include transcripts.php (search_string parameter), index.php (l parameter), phplive/index.php (login field), and phplive/message_box.php (deptid and x parameters). Exploits describe arbitrar...

PHP Live! 3.2.1 - &#039;help.php&#039; Remote File Inclusion

Advisory: PHPLive 3.2 Remote Injection Vulnerability Release Date: 2006/07/23 Author: magnific Discovered: aneurysm.inc security reserach Risk: High Vendor Status: not contacted | no patch available Vendor Site: www.osicodes.com Contact: aneurysmincathotmaildotcom Version: all ----------- Overvie...