
545 matches found

0day.today
added 2009/12/14 12:0 a.m. | 18 views

Zabbix Server Multiple remote vulnerabilities

Exploit for unknown platform in category web applications ============================================= Zabbix Server Multiple remote vulnerabilities ============================================= Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 Fro...

AI score: 7.1
Exploits: 0
seebug.org
added 2009/12/14 12:0 a.m. | 18 views

Zabbix Server Multiple remote vulnerabilities

No description provided by source. Zabbix Server : Multiple remote vulnerabilities From: Nicob nicob nicob net Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, server...

AI score: 7.1
Exploits: 0
exploitpack
added 2009/12/14 12:0 a.m. | 11 views

Zabbix Server - Multiple Vulnerabilities

Zabbix Server - Multiple Vulnerabilities Zabbix Server : Multiple remote vulnerabilities From: Nicob Date: Sun, 13 Dec 2009 16:28:35 +0100 From Wikipedia : "Zabbix is a network management system application ... designed to monitor and track the status of various network services, servers, and oth...

AI score: 0.2
Exploits: 0
Positive Technologies
added 2009/12/10 12:0 a.m. | 2 views

PT-2009-6400 · Testlink Team · Testlink

Name of the Vulnerable Software and Affected Versions: TestLink versions prior to 1.8.5 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the Test Case ID field to "lib/general/navBar.php" or the logLevel parameter to...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.01082
Exploits: 7 | References: 8
Positive Technologies
added 2009/09/25 12:0 a.m. | 5 views

PT-2009-5712 · Plume · Plume Cms

Name of the Vulnerable Software and Affected Versions: Plume CMS version 1.2.3 Description: The issue allows remote authenticated users to execute arbitrary SQL commands. This can be achieved via the "m" parameter to "manager/index.php" or by remote authenticated administrators via the "id"...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.00802
Exploits: 0 | References: 4
NVD
added 2009/06/30 10:30 a.m. | 22 views

CVE-2009-2254

Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the querystring parameter in an execute action, in conjunction with a PATHINFO of passwordforgotten.php, related to a "SQL...

CVSS: 7.5 | AI score: 8.1 | EPSS: 0.1089
Exploits: 2 | References: 7
CVE
added 2009/06/30 10:0 a.m. | 60 views

CVE-2009-2254

Zen Cart 1.3.8a, 1.3.8 and earlier versions are affected by an unauthenticated access flaw in admin/sqlpatch.php combined with PATH_INFO password_forgotten.php, allowing remote attackers to inject and execute arbitrary SQL via the query_string in an execute action. The issue enables potentially u...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.1089
Exploits: 2 | References: 7 | Affected Software: 1
Exploit DB
added 2009/06/23 12:0 a.m. | 47 views

Zen Cart 1.3.8 - SQL Execution

#!/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is available on http://www.zen-cart.com/ BlackH : Notes: must have admin/sqlpatch.php enabled clean the databas...

AI score: 7.4
Exploits: 0
Packet Storm
added 2009/06/23 12:0 a.m. | 17 views

Zen Cart Ecommerce 1.3.8 SQL Injection

#!/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is available on http://www.zen-cart.com/ BlackH : Notes: must have admin/sqlpatch.php enabled clean the databas...

AI score: 0.1
Exploits: 0
exploitpack
added 2009/06/23 12:0 a.m. | 10 views

Zen Cart 1.3.8 - SQL Execution

Zen Cart 1.3.8 - SQL Execution #!/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce - putting the dream of server rooting within reach of anyone! A new version 1.3.8a is available on http://www.zen-cart.com/ BlackH : Notes: must have...

AI score: 0.1
Exploits: 0
0day.today
added 2009/06/23 12:0 a.m. | 18 views

Zen Cart 1.3.8 Remote SQL Execution Exploit

Exploit for unknown platform in category web applications =========================================== Zen Cart 1.3.8 Remote SQL Execution Exploit =========================================== #!/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce -...

AI score: 7.1
Exploits: 0
seebug.org
added 2008/11/01 12:0 a.m. | 12 views

SFS EZ Career (content.php topic) SQL Injection Vulnerability

No description provided by source. Kira has decided to be back after Halloween Discovered by : Mountassif Moad Type Gap : Sql execution Script : SFS EZ Career Remote sql execution Home Script : http://www.scripts-for-sites.info/item.php?item=92 Greetz : Allah , All my friend Exploit :...

AI score: 7.1
Exploits: 0
ATTACKERKB
added 2008/10/21 1:18 a.m. | 2 views

CVE-2008-4623

SQL injection vulnerability in the DS-Syndicate comds-syndicate component 1.1.1 for Joomla allows remote attackers to execute arbitrary SQL commands via the feedid parameter to index2.php...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.01151
Exploits: 1 | References: 7
ATTACKERKB
added 2008/06/23 5:41 p.m. | 3 views

CVE-2008-2817

SQL injection vulnerability in albums.php in NiTrO Web Gallery 1.4.3 and earlier allows remote attackers to execute arbitrary SQL commands via the CatId parameter in a show action...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.00967
Exploits: 1 | References: 4
ATTACKERKB
added 2008/06/19 8:41 p.m. | 1 views

CVE-2008-2774

SQL injection vulnerability in item.php in CartKeeper CKGold Shopping Cart 2.5 and 2.7 allows remote attackers to execute arbitrary SQL commands via the categoryid parameter, a different vector than CVE-2007-4736...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.0101
Exploits: 0 | References: 5
seebug.org
added 2008/05/02 12:0 a.m. | 10 views

OBlog Sql Injection Vulnerability

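Vulnerable file: tags.asp. The tagid variable is passed in without filtering and carried into an executed SQL statement, which results in injection. 3.13-20060429 access & mssql 4.02-20070112 access & mssql 4.50 Final Build0619 access & mssql 4.60 Final Build0921 access & mssql 4.60 Final Build1107 access & mssql Fix: check the user-submitted tagid and allow only digits. For example: change iTagId = TrimRequest.Querystring”tagid” to iTagId =...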

AI score: 7.1
Exploits: 0
Positive Technologies
added 2008/04/12 12:0 a.m. | 3 views

PT-2008-3304 · Blogator · Blogator-Script

Name of the Vulnerable Software and Affected Versions: Blogator-script version 0.95 Description: The issue allows remote attackers to execute arbitrary SQL commands. This is achieved via the id art parameter in the blogadata/include/sond result.php file. Recommendations: For Blogator-script versi...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.01196
Exploits: 0 | References: 7
Fedora
added 2008/03/03 6:23 p.m. | 28 views

[SECURITY] Fedora 8 Update: phpMyAdmin-2.11.5-1.fc8

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and ...

CVSS: 5 | AI score: 7.1 | EPSS: 0.01618
Exploits: 1
CVE
added 2008/02/05 1:0 a.m. | 43 views

CVE-2008-0565

CVE-2008-0565 concerns a SQL injection in DeltaScripts PHP Links 1.3 and earlier, exploitable via the id parameter in vote.php. The vulnerability is documented with affected software and root cause: unsafely constructed SQL in vote.php allows remote SQL command execution. The available connected ...

CVSS: 6.8 | AI score: 8.5 | EPSS: 0.01059
Exploits: 1 | References: 4 | Affected Software: 1
RedHat Linux
added 2008/02/01 2:55 p.m. | 5 views

dblink allows proxying of database connections via 127.0.0.1

PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library dblink is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1...

CVSS: 6.9 | AI score: 6.1 | EPSS: 0.01257
Exploits: 0 | References: 4