CVE-2012-2748

CVE-2012-2748 affects Joomla! 2.5.x prior to 2.5.5. The vulnerability enables remote attackers to obtain sensitive information due to inadequate input filtering and an SQL error, as described in multiple sources. The issue is a information disclosure in the Joomla! core; explicit exploit details ...

CVE-2012-2748

Unspecified vulnerability in Joomla! 2.5.x before 2.5.5 allows remote attackers to obtain sensitive information via vectors related to "Inadequate filtering" and a "SQL error."...

Dotcombinat SQL Injection

-------------------- IN The NAme OF God -------------------- -====Dotcombinat Remote Sql Injection Vulnerability====- Exploit Title: Dotcombinat Remote Sql Injection Vulnerability Exploit Author: Mr.XpR SCript Download : http://www.dotcombinat.net Tested on: BackTrack , 7 , Redhat MAil :...

[20120602] - Core - Information Disclosure

Inadequate filtering leads SQL error and information disclosure...

ME Monitoring Manager Cross Site Scripting / SQL Injection

Title: ====== ME Monitoring Manager v9.x; v10.x - Multiple Vulnerabilities Date: ===== 2012-01-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=115 VL-ID: ===== 115 Introduction: ============= Mit dem ManageEngine Applications Manager können IT-Administratoren von...

Facebook Applications Null Byte Injection

Title ===== Facebook Application Null Byte Injection Date ==== 25/01/2012 Author ====== Bug === Null Byte Injection Introduction ============ The application is currently included and viewable by all facebook users. Facebook is a social networking service and website launched in February 2004,...

Unfixed XSS vulnerability at www.diglib.um.edu.my

Security researcher s3m00t, has submitted on 16/01/2012 a cross-site-scripting XSS vulnerability affecting www.diglib.um.edu.my, which at the time of submission ranked 45023 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 25/01/2012. It is...

MangosWeb - SQL Injection

MangosWeb - SQL Injection EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev Team...

MG For Media Solutions SQL Injection

=============================================================== Exploit Title : MG for media solutions SQL inj: vulnerable Google Dork : intext:"Powered by MG for media solutions Date : 27-10-2011 Author : nGa Sa Lu GaNgst3r Service Provider : http://www.mg-me.com/ourservices Tested on : Vista...

PHPCMS V9 sys_auth()multiple SQL injection vulnerabilities-vulnerability warning-the black bar safety net

by Flyh4t mail: phpsechotmail.com A description of Syria: the phpcms use sysauth function plus decryption of the cookie information,system more files directly from the cookie in the Get variables into the program flow. Due to the sysauth function in the design and use of the process in the presen...

ClearMindGraphics SQL Injection

Exploit Title: ClearMindGraphics SQL Injection Vulnerability -Google Dork-: "Site by: ClearMindGraphics" Date: 2011-18-09 Author: nGa Sa Lu GaNgst3r Service Link: http://www.clearmindgraphics.com/ Tested on: Vista Platform : php Google Dork : "Site by: ClearMindGraphics"...

Intellasoft SQL Injection

Exploit Title: Intellasoft SQL INJECTION Vulnerabilities Date: 12/09/2011 Author: nGa Sa Lu N-S-L Service Link: http://www.intellasoft.ca Tested on: Vista Google Dork: "Site designed by Intellasoft" SQL Error Statement ERROR - Please try again - if this error keeps occurring please notify site...

Web development by Discover Web Solutions SQL injection Vulnerability

Exploit for php platform in category web applications ‡‡‡‡‡‡‡‡‡‡‡‡‡‡ + Exploit Title : Web development by Discover Web Solutions.. SQL injection Vulnerability + Date : 08 June 2011 + Author : k's0uR! + Category : WebApps + d0rk : "Web development by Discover Web...

CVE-2010-4753

Cross-site scripting XSS vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a forced SQL error message...

Cross site scripting

Cross-site scripting XSS vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a forced SQL error message...

CVE-2010-4753

Cross-site scripting XSS vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter, which is not properly handled in a forced SQL error message...

Joomla! 1.5.x - SQL Error Information Disclosure

source: https://www.securityfocus.com/bid/44674/info Joomla! is prone to an information-disclosure vulnerability due to an SQL error. Exploiting this issue can allow attackers to gain access to sensitive information contained in the application's database. Successful exploits may lead to other...

Joomla! 1.5.x - SQL Error Information Disclosure

Joomla! 1.5.x - SQL Error Information Disclosure source: https://www.securityfocus.com/bid/44674/info Joomla! is prone to an information-disclosure vulnerability due to an SQL error. Exploiting this issue can allow attackers to gain access to sensitive information contained in the application's...

phpMyShopping 1.0.1505 - Multiple Vulnerabilities

.:. Author : Metropolis .:. Home : www.metropolis.fr.cr .:. Script : PhpMyShopping .:. Version : v1.0.1505 .:. Download Script: http://www.phpmyshopping.org/nightbuild/PhpMyShoppingmonoboutiquev1.0.1505.tar.gz .:. Bug Type : Multiple Vulnerabilities / Blind SQL Injections / XSS === Blind Sql...

Nuked-Klan Partenaires NK 1.5 Blind SQL Injection

.:. Author : Metropolis .:. Home : www.metropolis.fr.cr .:. Script : Nuked-Klan Module Partenaires NK 1.5 .:. Version : 1.5 .:. Download Script: http://www.nuked-klan.org/index.php?file=Download&op=description&dlid=317 .:. Bug Type : Blind Sql Injection .:. Dork :...