Php Blue Dragon CMS 3.0.0 - Remote SQL Injection Exploit

No description provided by source. ? // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na...

exV2 <= 2.0.4.3 - (sort) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ------------------------------------------------------------------------------- exV2 = 2.0.4.3 sort SQL injection / administrative credentials disclosure exploit mail: [email protected] site:...

webSPELL <= 4.01 (title_op) Remote SQL Injection Exploit

No description provided by source. ? errorreportingEERROR; function xssinit if !extensionloaded'phpcurl' if !dl'curl.so' and !dl'phpcurl.so' and !dl'phpcurl.dll' die oo error - cannot load curl extension!; function xssheader echo...

Pentacle In-Out Board <= 6.03 (newsdetailsview) Remote SQL Injection

No description provided by source. !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Usage: penta.pl victim directory Original Advisory: http://www.nukedx.com/?viewdoc=14 use IO::Socket; if@ARGV 3 print ++ +Pentacle In-Out...

Invision Power Board 2.1 <= 2.1.6 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Invision Power Board v2.1 = 2.1.6 sql injection exploit by RST/GHC Based on LOCALIP bug, more info in RST/GHC Advisory41 http://rst.void.ru/papers/advisory41.txt tested on 2.1.3, 2.1.6 08.06.06 coded by 1dt.w0lf RST/GHC http://rst.void.ru...

SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability

No description provided by source. SimpleBlog 2.0 = comments.asp SQL Injection Exploit - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Credit by | Chironex Fleckeri Mail | [email protected] Googledork | Powered By SimpleBlog 2.0 - - - - - - - - - - - - - - - - - - -...

4Site CMS <= 2.6 - Multiple Remote SQL Injection Vulnerabilities

No description provided by source. WSEC-09-002 4Site CMS = 2.6 Multiple Remote SQL Injections Developer site: http://www.4site.ru/ Discovered by D.Mortalov // wsec.ru 1. Auth Bypass Login: 1'or'1 Password: 1'or’1 2. Multiple Remote SQL Injections in 4site CMS modules Pages module:...

minibb 2.2 (css/sql/fpd) Multiple Vulnerabilities

No description provided by source. Author: GiReX Homepage: girex.altervista.org Date: 21/04/2008 CMS: miniBB 2.2 and maybe prior Site: minibb.net Bug 1: Full Path Disclosure Bug 2: Cross Site Scripting Bug 3: Remote SQL Injection Need: registerglobals = On ---------------------------------------...

Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl ---------------------------------------------------------- Libera CMS = 1.12 Cookie Remote SQL Injection Exploit Perl Exploit - Add a new admin with your credentials! Author: StAkeR - StAkeRathotmaildotit...

Joomla AJAX Shoutbox <= 1.6 - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications + Details: - include "helper.php"; - parameter: jallastID - Code: 113 $jallastID = JRequest::getVar 'jallastID', 0 ; 114 115 $query = 'SELECT FROM shoutbox WHERE id '.$jallastID.' ORDER BY id DESC'; - Exploit:...

DEBIAN-CVE-2014-1471

SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...

Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability

Title: ====== Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability Date: ===== 2013-07-20 References: =========== http://vulnerability-lab.com/getcontent.php?id=775 BARRACUDA NETWORK SECURITY ID: BNSEC-723 VL-ID: ===== 775 Common Vulnerability Scoring System:...

phpLiteAdmin v1.8.x->1.9.x (SQLi/FD) <= Multiple Vulnerabilities

phpLiteAdmin is suffer from multiple vulnerabilities / bugs in v1.8.x to- 1.9.x , the attacker can use some bug in the Script to inject some remote SQL command/code , and Disclosure the Full Path. Bugs : Authentication Bypass SQL Injection/Exec Full Path Disclosure...

DEBIAN-CVE-2012-6496

SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use...

WordPress Plugin - W3 Total Cache Remote Sql Injection Exploit

Exploit for php platform in category web applications From the developers' description 1, W3 Total Cache is: The most complete WordPress performance framework. Recommended by web hosts like: MediaTemple, Host Gator, Page.ly and WP Engine and countless more. Trusted by countless sites like:...

FocusAbacus Estate - Remote SQL Injection Vulnerability

Exploit for php platform in category web applications FocusAbacus Estate - Remote SQL Injection Vulnerability 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by...

CVE-2011-5111

Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to execute arbitrary SQL commands via the hal parameter to 1 the data module in alumni.php; or the 2 lihbuku, 3 artikel, 4 album, or 5 berita module in index.php...

PT-2012-4127 · Ipswitch · Ipswitch Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 15.02 Description: The issue allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter in the "WrVMwareHostList.asp" file. This enables attackers to manipulate database queries,...

ProQuiz v2.0.2 Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: email protected Vendor Homepage: http://proquiz.softon.org/ Software Link:...

phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection

Exploit for php platform in category web applications Exploit Title: phpProfiles v4.5.4 Beta - Multiple Vulnerabilities Date: 24/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.tk/ Contact: email protected Software Link: http://sourceforge.net/projects/phpprofiles/files/latest/download Tested on...