CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

200 matches found

exploitpack•added 2008/05/09 12:0 a.m.•27 views

SazCart 1.5.1 - prodid SQL Injection

SazCart 1.5.1 - prodid SQL Injection !/usr/bin/perl SazCart new or die; my $go=$cnx-get$victim."?details&prodid=1'+union+all+select+0,1,convertconcatdatabase,char58,user,char58,version,char,3,4/"; if $go-content = m/Price:.?\br/ms print "+ $1\n\n"; else print "\n- exploit failed\n"; milw0rm.com...

seebug.org•added 2008/05/07 12:0 a.m.•23 views

Galleristic 1.0 (index.php cat) Remote SQL Injection Exploit

No description provided by source. ?php Name : Galleristic v1.0 index.php cat Remote SQL Injection Exploit Author : cOndemned Note : works only when magicquotesgpc = off Greetz : irk4z, GregStar, ZaBeaTy, Iwan, ElusiveN, doctor, Avantura ; function exploit$target, $v $injection =...

exploitpack•added 2008/04/20 12:0 a.m.•12 views

W1L3D4 philboard 1.0 - philboard_reply.asp SQL Injection

W1L3D4 philboard 1.0 - philboardreply.asp SQL Injection Philboard W1L3D4 v1.0 Multiple SQL Ä°njection Vulnerable Author : U238 mail : setuid.noexec0x1aqhotmaildotcom webpage: http://noexec.blogspot.com Script : http://www.aspindir.com/Goster/4703 Script2:...

seebug.org•added 2008/04/01 12:0 a.m.•9 views

Neat weblog 0.2 (articleId) Remote SQL Injection Vulnerability

No description provided by source. !/usr/bin/perl Neat weblog 0.2 SQL Injection Exploit &n...

exploitpack•added 2008/02/27 12:0 a.m.•12 views

eazyPortal 1.0 - cookie SQL Injection

eazyPortal 1.0 - cookie SQL Injection !/usr/bin/perl Vendor url: http://www.eazyportal.com/ by Iron - http://www.randombase.com exploit goes through $COOKIE use LWP::UserAgent; use MIME::Base64; print " EazyPortal ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .=...

securityvulns•added 2008/02/22 12:0 a.m.•149 views

PHP-Nuke genaral print SQL Injection(id)

PHP-Nuke genaral print SQL Injectionid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl:"modules.php?name"print DORK 2 : allinurl:"modules.php?name=Hikaye" DORK : allinurl:"modules.php?name=Fikralar" DORK :...

exploitpack•added 2008/01/05 12:0 a.m.•20 views

Invision Power Board (IP.Board) 2.1.7 - ACTIVE Cross-Site Scripting SQL Injection

Invision Power Board IP.Board 2.1.7 - ACTIVE Cross-Site Scripting SQL Injection ---- INVISION POWER BOARD 2.1.7 EXPLOIT ... ITDefence.ru Antichat.ru INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // /...

exploitpack•added 2008/01/02 12:0 a.m.•174 views

ClipShare - UID SQL Injection

ClipShare - UID SQL Injection video sharing www.clip-share.com Remote SQL Injection Exploit All Version AUTHOR :Krit webmaster of http://www.thaishadow.com HOME : http://www.thaishadow.com Download : http://www.clip-share.com/ DorKs :inurl:/uprofile.php?UID= or "Powered by clipshare" EXPLOIT :...

seebug.org•added 2007/11/27 12:0 a.m.•14 views

WorkingOnWeb Events.PHP SQL注入漏洞

WorkingOnWeb是一款基于PHP的WEB应用程序。 WorkingOnWeb不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息或操作数据库。问题是由于'Events.PHP'脚本对用户提交的'idevent'参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或可能操作数据库。 Flor de Utopia WorkingOnWeb 2.0.1400 目前没有解决方案提供： http://www.workingonweb.com/...

seebug.org•added 2007/11/26 12:0 a.m.•13 views

Softbiz Freelancers Script v.1 Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Softbiz Freelancers Script V.1 Multiple Remote Vulnerabilities SQL Injection Exploit/XSS AUTHOR : IRCRASH Dr.Crash &nb...

Exploit DB•added 2007/10/11 12:0 a.m.•34 views

KwsPHP 1.0 Module Newsletter - SQL Injection

Script....................................: KwsPHP ver 1.0 Newsletter Module Script Site...........................: http://www.kwsphp.org Vulnerability........................: Remote SQL injection Exploit Access..................................: Remote...

Exploit DB•added 2007/10/10 12:0 a.m.•29750 views

cpDynaLinks 1.02 - 'category.php' SQL Injection

!/usr/bin/perl cpDynaLinks 1.02 Remote Sql Inyection exploit download: http://www.cplinks.com/download/cpdynalinks/cpdynalinksversion102full.zip bug found by s0cratex exploit written by ka0x D.O.M TEAM 2007 d0rk: Powered by cpDynaLinks need magicquotesgpc off contact: ka0x@domlabs: perl...

Exploit DB•added 2007/09/15 12:0 a.m.•35 views

KwsPHP 1.0 Member_Space Module - SQL Injection

!/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; $host = $ARGV0; $User = $ARGV1; $passwd = $ARGV2; $url = "http://".$host; $port = "80"; print q Script....................: KwsPHP v1.0 MemberSpace Module Script Site...............: http://kws.koogar.org/ Vulnerability.............: Remote SQ...

seebug.org•added 2007/08/07 12:0 a.m.•19 views

la-nai cms 1.2.14 Multiple Remote SQL Injection Vulnerabilities

No description provided by source. newhackdotorg la-nai cmsv1.2.14 - Remote SQL Injection Vendor : http://www.redlinesoft.net/module.php?modname=content&cid=9 Download : http://sourceforge.net/project/showfiles.php?groupid=191629 Found By : k1tk4t - k1tk4t4tnewhack.org http://newhack.org Location...

Packet Storm•added 2007/07/10 12:0 a.m.•19 views

gss31-sql.txt

GameSiteScript Profile$id SQL-Injection Exploit Vulnerability Discovered By: Xenduer77 ---July 7th, 2007 $id Is passed straight to the query without being filtered. SQL-INJECTION: For Version 3.1: -------...

seebug.org•added 2007/06/07 12:0 a.m.•23 views

PostNuke PNPHPBB2 Module Index.PHP SQL注入漏洞

PNphpBB是一款基于PHP的WEB应用程序。 PNphpBB不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。问题是'Index.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息。 PNphpBB PNphpBB 1.2 g PNphpBB PNphpBB 1.2 f PNphpBB PNphpBB 1.2 目前没有解决方案提供： http://www.pnphpbb.com/modules.php?op=modload&name=ForumNews&file=index...

seebug.org•added 2007/05/18 12:0 a.m.•19 views

FAQEngine <= 4.16.03 (question.php questionref) SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w FAQEngine = v4.16.03 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code question.php: $sql = "select from ".$tableprefix."questions where publish=1 and...

exploitpack•added 2007/05/12 12:0 a.m.•13 views

iG Shop 1.4 - page.php SQL Injection

iG Shop 1.4 - page.php SQL Injection Discovered by: gsy & kerem125 Website: www.kerem125.com Script Download: http://www.igeneric.co.uk/ig-shopping-cart.html exploit:/shop/page.php?pagetype=catalognavigate&typeid=-99%20union//select//password//from//users/...

seebug.org•added 2007/05/12 12:0 a.m.•42 views

Simple News Print.PHP SQL注入漏洞

Simple News是一款基于PHP的WEB应用程序。 Simple News不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息。问题是'Print.PHP'脚本对用户提交的'newsid'参数缺少过滤，提交恶意SQL代码作为参数数据，可导致更改原来的SQL逻辑，获得敏感信息。 Simple News 1.0.0 FINAL 目前没有解决方案提供： http://sourceforge.net/projects/phpsns !/usr/bin/perl -w SimpleNews = 1.0.0 FINAL SQL Injection Exploit...

seebug.org•added 2007/05/11 12:0 a.m.•14 views

SimpleNews <= 1.0.0 FINAL (print.php news_id) SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w SimpleNews = 1.0.0 FINAL SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code print.php: $newsid = $GET'newsid'; $query = "SELECT FROM simplenewsarticles WHERE...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by