Softbiz Recipes Portal Script Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Softbiz Recipes Portal Script Remote SQL Injection Vulnerability. IN THE NAME OF GOD Recipes Portal Script SQL...
Softbiz Jobs Recruitment - SQL Injection
Softbiz Jobs Recruitment - SQL Injection Softbiz Jobs & Recruitment Script SQL INJECTION BY IRCRASH AUTHOR : IRCRASH Dr.Crash Script Download : http://www.softbizscripts.com/ DORK: "Powered by SoftbizScripts" "ALL JOBS" Injection Address : http://site.com/browsecats.php?cid=sql cod Sql code For se...
ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability
No description provided by source. ActiveKB NX 2.? Powered by ActiveKB Knowledgebase Software index.php SQL Injection Discovered by Luna-Tic and XTErner 19 Years Ukrainian Hackers Vendor:www.interspire.com/activekb/ License:shareware Exploit:/kb/index.php?ToDo=browse&catId=SQL CODE...
FreeBSD : wordpress -- XMLRPC SQL Injection (0838733d-1698-11dc-a197-0011098b2f36)
Secunia reports : Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the 'wp.suggestCategories' method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...
wordpress -- XMLRPC SQL Injection
Secunia reports: Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "wp.suggestCategories" method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...
Sql_Vulnerability_EasymoBlog.txt
·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...
[Full-disclosure] Remote Sql Injection in EasyMoblog 0.5.1
·= Security Advisory =· Issue: Sql injection Vulnerability in EasyMoblog by Umberto Caldera. Discovered Date: 30/01/07 Author: Tal Argoni, LegendaryZion. talargoni at gmail.com Product Vendor: http://sourceforge.net/project/showfiles.php?groupid=88633 Ver: easymoblog-0.5.1 Details: EasyMoblog is...
AIOCP SQL Injection Vulnerability
i Product Name: AIOCP - All In One Control Panel i Vulnerable Versions: = 1.3.009 i Bug found by: Coloss i Contact: [email protected] i Date: 9.1.2007 i Spec: Parameter 'did' is not checked before it's used in a SQL Query so you are able to inject some evil SQL code Example shows how to retrieve...
15061124.txt
!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: registerglobals = on Src.download..: www.etab.ac-caen.fr/bsauveur/cahierdetexte/ Poc.link........
Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit
No description provided by source. !/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: registerglobals = on Src.download..:...
Cahier de texte V2.0 SQL Code Execution Exploit
!/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: registerglobals = on Src.download..: www.etab.ac-caen.fr/bsauveur/cahierdetexte/ Poc.link........
Cahier de texte 2.0 - Database Backup Source Disclosure
Cahier de texte 2.0 - Database Backup Source Disclosure !/usr/bin/perl INFORMATIONS ============ Affected.scr..: Cahier de texte V2.0 Poc.ID........: 15061124 Type..........: Predictable backup filename, Source disclosure Risk.level....: High Conditions....: registerglobals = on Src.download..:...
Cahier de texte 2.0 (Database Backup/Source Disclosure) Remote Exploit
Exploit for unknown platform in category web applications. Cahier de texte 2.0 Database Backup/Source Disclosure Remote Exploit. !/usr/bin/perl INFORMATIONS...
eshopping.txt
Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/eShopping.txt Software: eShopping Cart Method : SQL Injection PoC: http://target/productdetail.asp?ProductID=SQL CODE...
bpg.txt
Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/bpg.txt Software: BPG Content Management System Method: SQL Injection PoC: http://target/path/publicationview.asp?InfoID=SQL CODE...
Debian DSA-951-2 : trac - missing input sanitising
This update corrects the search feature in trac, an enhanced wiki and issue tracking system for software development projects, which broke with the last security update. For completeness please find below the original advisory text : Several vulnerabilities have been discovered in trac, an enhanc...
Cahier de textes 2.0 Remote SQL injection Exploit
Cahier de textes Pierre Lemaitre - St Lô France - Ver 2.0 Remote SQL injection Exploit Discovered By s4mi s4miatlinuxmaildotorg exploit http://localhost/PATH/lire.php?classeID=1&matiereID=SQL or http://localhost/PATH/lireafaire.php?classeID=SQL example of sql code to get admin user and password...
mambo -- SQL injection vulnerabilities
The Team Mambo reports that two SQL injection vulnerabilities have been found in Mambo. The vulnerabilities exist due to missing sanitation of the title and catid parameters in the weblinks.php page and can lead to execution of arbitrary SQL code...
lifetype -- ADOdb "server.php" Insecure Test Script Security Issue
Secunia reports: A security issue has been discovered in LifeType, which can be exploited by malicious people to execute arbitrary SQL code and potentially compromise a vulnerable system. The problem is caused due to the presence of the insecure "server.php" test script...
[SA19563] MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue
TITLE: MAXdev MD-Pro ADOdb "server.php" Insecure Test Script Security Issue SECUNIA ADVISORY ID: SA19563 VERIFY ADVISORY: http://secunia.com/advisories/19563/ CRITICAL: Moderately critical IMPACT: Security Bypass, System access WHERE: From remote SOFTWARE: MAXdev MD-Pro 1.x...