Drupal 7.x < 7.32 SQLi
The remote web server is running a version of Drupal that is 7.x prior to 7.32. It is, therefore, potentially affected by a SQL injection vulnerability due to a flaw in the Drupal database abstraction API, which allows a remote attacker to use specially crafted requests that can result in arbitra...
drupal7 -- SQL injection
Drupal Security Team reports: Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution...
PT-2014-6183 · Bmc · Bmc Track-It!
Name of the Vulnerable Software and Affected Versions: BMC Track-It! version 11.3.0.355 Description: The issue allows remote authenticated users to execute arbitrary SQL commands via crafted POST data, specifically targeting the TrackItWeb/Grid/GetData endpoint. Recommendations: For version...
UBUNTU-CVE-2014-5262
SQL injection vulnerability in the graph settings script graphsettings.php in Cacti 0.8.8b and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
ArticleFR 11.06.2014 (data.php) - Privilege Escalation
Exploit for php platform in category web applications Advisory Details: High-Tech Bridge Security Research Lab discovered a vulnerability in ArticleFR which can be exploited to execute arbitrary UPDATE SQL statements, alter information stored in the database, and gain complete control over the web site...
Multi Manage DbVisualizer Add Db Admin
DbVisualizer offers command-line functionality to execute SQL against databases pre-configured with the GUI. The remote database can be accessed from the command line without the need to authenticate, which can be abused to create an administrator in the database with the proper database permissions. Note:...
zabbix server Multiple Vulnerabilities
No description provided by source. Zabbix Server : Multiple remote vulnerabilities From: Nicob nicob nicob net Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers...
Zen Cart 1.3.8 - Remote SQL Execution Exploit
No description provided by source. !/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is available on http://www.zen-cart.com/ BlackH : Notes: must have...
Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress
Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress. Program: Participants Database = 1.5.4.8 Severity: Unauthenticated attacker can fully compromise the Wordpress installation Permalink:...
Maccms V8 XSS can reach the admin backend #3
Brief description: I just posted a backend getshell, but how is a lowly engineer supposed to get into the backend in the first place? XSS, of course. The two holes should have been posted together (XSS + backend getshell = getshell), but I posted too early, so I had to find another interface to pad this one out. Detailed description: Insert it in the message board here to hit the backend. Proof of vulnerability: combined with the backend vulnerability attack: 1. Backend arbitrary file deletion; install.lock can be deleted, forcing a reinstall. Interface: http://localhost/maccms8/admin/?m=extend-picdel POST parameter: fname%5B%5D=..%2Fupload%2Fart%2F..%5C%5C..%5C%5C\inc\install.lock 2...
PT-2014-3495 · Red Hat · Red Hat Cloudforms Management Engine
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms Management Engine CFME versions prior to 5.2.3.2 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This is related to the MiqReportResult.exists function in the ReportController...
DEBIAN-CVE-2014-1471
SQL injection vulnerability in the StateGetStatesByType function in Kernel/System/State.pm in Open Ticket Request System OTRS 3.1.x before 3.1.19, 3.2.x before 3.2.14, and 3.3.x before 3.3.4 allows remote attackers to execute arbitrary SQL commands via vectors related to a ticket search URL...
ThinkSNS operation leaks the database table prefix
Brief description: The submit URL of one ThinkSNS operation directly returns the executed SQL statement, from which the database table prefix can be obtained (low impact). Detailed description: http://demo.thinksns.com/t3/index.php?app=public&mod=Account&act=doSaveProfile is the submit URL for the tag settings and basic information under personal settings; every time data is submitted, the response returns the DB-layer SQL statement, revealing the site's table prefix. Proof of vulnerability: http://demo.thinksns.com/t3/index.php?app=public&mod=Account&act=doSaveProfile...
Fanwe group-buying system stored XSS can easily reach the backend - vulnerability warning - the black bar safety net
The Fanwe group-buying system has a stored XSS that can obtain an administrator cookie and get into the backend. First, go into a product; inside there is a refund message, which is present even if the order was paid. Comments with XSS can then be added; the administrator views them every day, and viewing them will obtain the administrator COOKIE...
TCCMS design flaw, successfully broke into the official site's backend
Brief description: A design flaw somewhere in TCCMS; successfully broke into the official site's backend! Detailed description: The problem is at line 146 of app\controller\user.class.php: public function update() { $Obj = M('user'); if ($_POST['info']['password'] !== $_POST['password1']) { StringUtil::msgbox(Config::lang("PWDNOTTHESAME"), 'index.php?ac=usersinfo', 1); exit; } $Obj->create(); if ($_POST['info']['password'] != "...
PT-2013-4989 · Foreman · Foreman
Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.2.3 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the fqdn or hostgroup parameter in the app/models/concerns/host_common.rb file. Recommendations: For versio...
shopex ctl.member.php file SQL injection vulnerability - vulnerability warning - the black bar safety net
SQL injection vulnerability. Tested version: shopex-singel-4.8.5.78660 File: \core\shop\controller\ctl.member.php function delTrackMsg() { if (!empty($_POST['deltrack'])) { $oMsg = &$this->system->loadModel('resources/msgbox'); $oMsg->delTrackMsg($_POST['deltrack']); $this->splash('success', ...
DEBIAN-CVE-2012-6496
SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use...
PT-2012-4127 · Ipswitch · Ipswitch Whatsup Gold
Name of the Vulnerable Software and Affected Versions: Ipswitch WhatsUp Gold version 15.02 Description: The issue allows remote attackers to execute arbitrary SQL commands via the sGroupList parameter in the "WrVMwareHostList.asp" file. This enables attackers to manipulate database queries,...
PT-2012-2069 · Gr Board · Gboard
Name of the Vulnerable Software and Affected Versions: GR Board version 1.8.6.5 Community Edition Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the tableType or blindTarget parameter to "view.php", the delTargets0 parameter to "view...