Design/Logic Flaw

cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade ...

CVE-2022-23510

The CVE-2022-23510 issue affects cube-js: all authenticated Cube clients could bypass SQL row-level security and execute arbitrary SQL via the /v1/sql-runner endpoint. Root cause: a newly introduced endpoint bypassed the modeling layer’s row-level security, enabling arbitrary queries against data...

CVE-2020-35122

The CVE-2020-35122 vulnerability affects the Keysight Database Connector plugin for Atlassian Confluence prior to version 1.5.0. A malicious user could bypass access controls for using a saved database connection profile to submit arbitrary SQL against a saved database connection. Root cause: ins...

ManageEngine OpManager 11.5 Hardcoded Credential / SQL Bypass

Exploit Title: ManageEngine OpManager multiple vulnerabilities Product: ManageEngine OpManager Vulnerable Versions: v11.5 and previous versions Tested Version: v11.5 Windows Advisory Publication: 14/09/2015 Vulnerability Type: hardcoded credentials, SQL query protection bypass Credit: xistence...

FlexBB <= 0.5.5 (/inc/start.php _COOKIE) Remote SQL ByPass Exploit

No description provided by source. !/usr/bin/perl -w FlexBB = 0.5.5 /inc/start.php COOKIE Remote SQL ByPass Exploit , Perl C0d3 Milw0rm ID :- http://www.milw0rm.com/auth.php?id=1539 D3vil-0x1 | Devil-00 BlackHat : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO...

WHMCompleteSolution (WHMCS) 4.x/5.x - Multiple Web Vulnerabilities

Exploit Title: WHMCS v4.x & v5.x - Multiple Web Vulnerabilities Date: 2013-12-10 Exploit Author: ahwak2000 Vendor Homepage: http://whmcs.com/ Version: 4.x , 5.x Tested on: win 7 +------------------+ | Vulnerability | +------------------+ File : includes\dbfunctions.php function...

CVE-2012-0709

IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements...

Pre Ads Portal SQL Bypass Vulnerability

Exploit for php platform in category web applications ======================================= Pre Ads Portal SQL Bypass Vulnerability ======================================= In The Name Of GOD + Exploit Title: PRE ADS PORTAL SQL Bypass Vulnerability + Date: 2010-11-13 + Author : Cru3l.b0y +...

Pre Hospital Management System SQL Bypass Vulnerability

Exploit for php platform in category web applications ======================================================= Pre Hospital Management System SQL Bypass Vulnerability ======================================================= In The Name Of GOD + Exploit Title: PRE HOSTPITAL MANAGEMENT SYSTEM SQL...

Pre Jobo .NET - Authentication Bypass

Pre Jobo .NET - Authentication Bypass Title: Pre Jobo .NET SQL Bypass Vulnerability Date: 17/12/2009 Author: bi0 Software Link: http://www.preprojects.com/jobo.asp CVE : /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111...

Pre Job Board 1.0 - Authentication Bypass

Pre Job Board 1.0 - Authentication Bypass Title: Pre Job Board 1.0 SQL Bypass Vulnerability Date: 17/12/2009 Author: bi0 Software Link: http://www.preprojects.com/jobs.asp Version : 1.0 CVE : /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111...

Pre Jobo .NET SQL Bypass

Exploit for unknown platform in category web applications ======================== Pre Jobo .NET SQL Bypass ======================== Title: Pre Jobo .NET SQL Bypass Vulnerability Date: 17/12/2009 Author: bi0 Software Link: http://www.preprojects.com/jobo.asp CVE : /\ == \ /\ \ /\ \ \ \ \ \ \ \ ...

Pre Jobo .NET - Authentication Bypass

Title: Pre Jobo .NET SQL Bypass Vulnerability Date: 17/12/2009 Author: bi0 Software Link: http://www.preprojects.com/jobo.asp CVE : /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // 01000010 01101001 01001111 ---------------------------------------------------------------- + Pre Jobo...

JM CMS 1.0 - Authentication Bypass

JM CMS 1.0 - Authentication Bypass 1337h4x0rZ //Rd / / / \ \ ============================================================================== ? Note : Hacker R0x Lamerz Sux ! ============================================================================== ? JM CMS 1.0 == 1.0 Auth Bypass SQL Injection...

humanCMS - Authentication Bypass

f KHatr Zfaft Zenta9 f Zfaft Galo ya khir CHirbakhzer + humanCMS Auth Bypass SQL Injection Vulnerability + Discovered by next + www.sa3eka.com www.m4r0c-s3curity.cc + vie.0athotmail.com + Home Page : http://www.squarelabel.com "humanCMS site description" + Auth Bypass + expolit : username : ' or'...

prerealestate-sqlbypass.txt

! ! ! OOOO O OOOOOOOOO ! !O O O O O ! !O O O ! !O OOOO OOOO OOOOOO OOOO OOO OO O OOOO OO OO OOOO ! !O OOO OOO O O O O OO O O O O OO O O O ! !O OO OO O O OOOOOO O O O O O O OOOOOO ! !O O OOOO O O O O O O O O O O O ! ! OOOO OO OOOOOO OOOO OOOOOO OOOOOOOOO OOOO OOO OOO OOOO ! ! OO ! ! OO ! ! OO Prou...

Asp Scripter Products &#40;cpLogin.asp&#41; Remote SQL ByPass Injection Vulnerability

Title : Asp Scripter Products cpLogin.asp Remote SQL ByPass Injection Vulnerability Author : ajann Products:: ASP Scripter Easy Portal v1.4 ASP Scripter Live Support v1.3 --------------------------------- http://target/path/LiveSupport/cpLogin.asp http://target/path/EasyPortal/cpLogin.asp Example...

Asp Scripter Products &#40;cpLogin.asp&#41; Remote SQL ByPass Injection Vulnerability

Title : Asp Scripter Products cpLogin.asp Remote SQL ByPass Injection Vulnerability Author : ajann Products:: ASP Scripter Easy Portal v1.4 ASP Scripter Live Support v1.3 --------------------------------- http://target/path/LiveSupport/cpLogin.asp http://target/path/EasyPortal/cpLogin.asp Example...

FlexBB 0.5.5 - incstart.php?_COOKIE SQL Bypass

FlexBB 0.5.5 - incstart.php?COOKIE SQL Bypass !/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm...

FlexBB 0.5.5 - &#039;/inc/start.php?_COOKIE&#039; SQL Bypass

!/usr/bin/perl -w FlexBB : DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! DONT FORGET TO DO YOUR CONFIG !! use IO::Socket; -- Start -- $host = "127.0.0.1"; $path = "/flexbb/"; -- END -- $host :- The Host Name Without http:// | exm. www.vic.com $path :- FlexBB Dir On Server | ex...