205 matches found
EUVD-2001-0539
Malware in sbrugna...
EUVD-2002-0637
Malware in sbrugna...
CVE-2012-4015
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
Cisco Meeting Server Web Management Interface Denial of Service Vulnerability
Cisco Acano X-Series, Meeting Server 1000, and Meeting Server 2000 are video conferencing solutions from Cisco.Web Admin Interface is one of the web-based management interfaces. An input validation vulnerability exists in the Web Admin Interface in the Cisco Acano X-Series, Meeting Server 1000, a...
CVE-2018-0371
A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to insufficient validation of incoming HTTP requests. An attacker could exploit this vulnerability by sending a...
MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012
MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012 View products that this article applies to.Microsoft has released the security bulletin MS12-060. You can view the complete security bulletin by going to of the following Microsoft websites: Home...
某通用型政府建站系统SQL注入
简要描述: RT 详细说明: 山东农友软件公司官网:http://www.nongyou.com.cn/ 案例如下: http://222.135.127.190:7000/gov/SearchInfoSum.aspx?keyword= http://221.2.171.59:8000/gov/SearchInfoSum.aspx?keyword= http://222.135.109.70:8100/gov/SearchInfoSum.aspx?keyword= http://61.133.119.187:8089/gov/SearchInfoSum.aspx?keyword=...
某投稿系统通用型SQL注射漏洞(影响众多企事业单位及学校)
简要描述: 某投稿系统通用型SQL注射漏洞 详细说明: 南京杰诺瀚软件科技有限公司的投稿系统SQL注射漏洞 intitle:投稿系统 技术支持:南京杰诺瀚软件科技有限公司 Web/Login.aspx 页面的 username 参数存在问题 DBA 权限注射 URL:...
Microsoft SQL Server Resolution Overflow
No description provided by source. $Id: ms02039slammer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Microsoft SQL Server 2000 SQLXML Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...
Microsoft SQL Server 2000 SQLXML Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...
Web Wiz Forums 9.68 SQLi Vulnerability
No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...
Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable...
Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5307/info Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers DBCC. Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute...
Quick FTP Pro 2.1 Transfer-Mode Overflow
No description provided by source. $Id: quicktftppromode.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Microsoft SQL Server 2000 sp_MScopyscript SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the ability to execute a query o...
大汉版通政府信息公开系统SQL注射2
简要描述: SQL 详细说明: 政府信息公开系统 某处sql注射漏洞 另一个文件里的参数 注入点 zfxxgk/serviceobjectinfo.jsp?servicebm= servicebm过滤不严存在注射 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/serviceobjectinfo.jsp?s ervicebm=" --is-dba --dbs --- Place: GET Parameter: servicebm Type: boolean-based blind Title: AND boolean-based...
大汉版通政府信息公开系统SQL注射
简要描述: 政府信息公开系统 详细说明: 政府信息公开系统 某处sql注射漏洞 注入点 zfxxgk/subjectinfo.jsp?subjectbm= subjectbm参数过滤不严,导致注入 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/subjectinfo.jsp?subjectbm=" --is-dba --dbs payload Place: GET Parameter: subjectbm Type: boolean-based blind Title: AND boolean-based blind -...
360 Systems Image Server 2000 Series Remote Root Access
Overview This updated advisory is a follow-up to the original advisory titled ICSA-13-038-01—360 Systems Image Server 2000 Series Remote Root Access that was published March 06, 2013, on the ICS-CERT Web site. This advisory provides mitigation details for a vulnerability that impacts the 360...
[aidSQL] A tool that will aid you when trying to find vulnerable spots in your site
Is a PHP application provided for detecting security holes in your website/s. It's a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. 2013-05-27 NEW aidSQL Release which supports MS SQL SERVER 2000 Database injection and reverse...