Code injection

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...

CVE-2010-3833

CVE-2010-3833 affects MySQL 5.0/5.1/5.5 where type errors are not properly propagated, enabling remote DoS (server crash) from crafted inputs to functions like LEAST and GREATEST, tied to KILL_BAD_DATA and a CREATE TABLE ... SELECT. The MiracleLinux advisories AXSA:2011-32:01 and AXSA:2010-485:04...

CVE-2011-0265

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long dataselect1 parameter...

Virtual Store Open 3.0 - Acess SQL Injection

!/usr/bin/perl Script Name: Virtual Store Open = 3.0 Link1 : http://www.virtuastore.com.br/shopping.asp?link=ShoppingVirtuaStore Link2 : http://www.virtuastore2010.com.br/ Link3 Yahoo Group : http://br.groups.yahoo.com/group/virtuastore/ Bug: Acess Sql Injection Found: Br0ly google dork:...

Microsoft Internet Explorer Recursive Select Element Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Wordpress function do_trackbacks() SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================== Wordpress function dotrackbacks SQL Injection Vulnerability ============================================================== Description: SQL injection vulnerability in dotrackbacks...

PHP Place SQL Injection

=========================================== PHP Place SQL Injection Vulnerability =========================================== +Title : PHP Place SQL Injection Vulnerability +Software : PHP Place +Vendor : NN +Download : NN +Author : josalijoe +Contact : josalijoeatyahoodotcom +Home :...

'Free Simple Software' SQL Injection Vulnerability (CVE-2010-4298)

'Free Simple Software' SQL Injection Vulnerability CVE-2010-4298 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Free Simple Software' download module which allows for a 'UNION SELECT' to easily expose the application...

WSN Links - SQL Injection

'WSN Links' SQL Injection Vulnerability CVE-2010-4006 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the search.php code that allows for SQL injection of various parameters. By assembling portions of SQL code between the...

MySQL: CREATE TABLE ... SELECT causes crash when KILL_BAD_DATA is returned (MySQL Bug#55826)

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service server crash via crafted arguments to extreme-value functions such as 1 LEAST and 2 GREATEST, related to KILLBADDATA and a "CREATE...

Webspell 4.X safe_query Bypass Vulnerability

Exploit for php platform in category web applications ============================================ Webspell 4.X safequery Bypass Vulnerability ============================================ INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010...

Webspell 4.x - safe_query Bypass

INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster +Vulnerability :...

Joomla Component com_taxes SQL Injection Vulnerability

Exploit for php platform in category web applications ====================================================== Joomla Component comtaxes SQL Injection Vulnerability ====================================================== ========================================================================== x...

Joomla! Component com_yellowpages - SQL Injection

Joomla! Component comyellowpages - SQL Injection =============================================================== Joomla Component comyellowpages SQL Injection Vulnerability =============================================================== Exploit Title : Joomla "comyellowpages" Sql Injection...

sX-Shop Multiple SQL Injection Vulnerability

Exploit for php platform in category web applications =================================== sX-Shop SQL Injection Vulnerability =================================== Author : CoBRa21 Author Web Page :http://ipbul.org Dork : "powered by sX-Shop" Script Page : http://www.source-worx.de/ Demo :...

PT-2010-4293 · Zabbix · Zabbix

Name of the Vulnerable Software and Affected Versions: Zabbix versions prior to 1.8.3rc1 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities in the formatQuery function. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific...

PHP5.2.6 (content.phpid) SQL Injection Vulnerability

Exploit for php platform in category web applications ==================================================== PHP5.2.6 content.phpid SQL Injection Vulnerability ==================================================== Author : Amine92 home : http://vbhacker.net/ Dork : "Powered by PHP/5.2.6" Download Pa...

Joomla Beamospetition SQL Injection

Exploit Title : Joomla "combeamospetition" Sql Injection Vulnerability Date : 29 - 7 - 2010 Author : Forza-Dz Vendor : http://code.joomla.org/gf/project/beamospetition/frs/ Version : All Versions Tested on : Win Sp2 and Mc Dork = inurl:"combeamospetition" --- SQL Injection Vulenrability --- SQL...

eSmart-Vision Trading SQL Injection

eSmart-Vision Trading Multiple SQL Injection Exploit http://www.esmart-vision.com/application.htm By cr4wl3r inj3ct0r team PoC: http://www.target.com/newsdetail.php?id=-9999 UniOn aLL SeLeCt 1,ConCatEmail,0x3a,Password,3,4,5,6,7 fRoM userinfo-- http://www.target.com/proddetails.php?id=-9999 UniOn...

Joomla! Component com_beamospetition - SQL Injection

Joomla! Component combeamospetition - SQL Injection Exploit Title : Joomla "combeamospetition" Sql Injection Vulnerability Date : 29 - 7 - 2010 Author : Forza-Dz Vendor : http://code.joomla.org/gf/project/beamospetition/frs/ Version : All Versions Tested on : Win Sp2 and Mc Dork =...