1492 matches found
esfaq-sql.txt
|| | | EsFaq Remote Sql Injection Exploit | | |---------------------SuB-ZeRo----------------------| | | Author: SuB-ZeRo | | Home : www.dz-security.com | | email: [email protected] | | | | | | | script :http://editeurscripts.com/ressources/scripts-php/dl.php?idscript=5 | | DorK :...
PHP-Fusion <= 6.00.206 Forum SQL Injection Vulnerability
A vulnerability is reported in the forum module of PHP-Fusion 6.00.206 and some early released versions. SPDX-FileCopyrightText: 2008 Ferdy Riphagen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
joomla-changepasswd.txt
Joomla 1.5.x Remote Admin Password Change Author: d3m0n [email protected] Greets: GregStar, gorion, d3d!k Polish "hackers" used this bug to deface turkish sites BUAHAHHA nice 0-day pff File : /components/comuser/controller.php Line : 379-399 function confirmreset // Check for request forgeries...
PowerGap Shopsystem "ag" SQL注入漏洞
CNCAN ID:CNCAN-2008081110 PowerGap Shopsystem是一款基于PHP的WEB应用程序。 PowerGap Shopsystem不正确处理用户提交的输入,远程攻击者可以利用漏洞进行SQL注入攻击,获得敏感信息或操作数据库。 问题是由于's03.php'脚本不正确过滤"ag"参数,构建恶意SQL查询作为参数数据,可更改原来的SQL逻辑,可获得敏感信息或操作数据库。 PowerGap Shopsystem 目前没有解决方案提供: http://www.powergap.de/shopsystem-powergap.htm...
POWERGAP ShopSystem - s03.php SQL Injection
POWERGAP ShopSystem - s03.php SQL Injection source: https://www.securityfocus.com/bid/30558/info POWERGAP Shopsystem is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attack...
PHPKF - forum_duzen.php SQL Injection
PHPKF - forumduzen.php SQL Injection source: https://www.securityfocus.com/bid/30318/info phpKF is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
PHPKF - 'forum_duzen.php' SQL Injection
source: https://www.securityfocus.com/bid/30318/info phpKF is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, o...
Pubs Black Cat [The Fun] - browse.groups.php SQL Injection
Pubs Black Cat The Fun - browse.groups.php SQL Injection source: https://www.securityfocus.com/bid/30221/info Pubs Black Cat The Fun is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could...
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection
Ultrastats 0.2.142 - players-detail.php Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; ! Discovered.: DNX ! Vendor.....: http://www.shooter-szene.de | http://www.ultrastats.org ! Detected...: 29.06.2008 ! Reported...: 04.07.2008 ! Response...: xx.xx.2008 ! Background.:...
Joomla! Component EXP Shop 1.0 - SQL Injection
Joomla! Component EXP Shop 1.0 - SQL Injection source: https://www.securityfocus.com/bid/29869/info The EXP Shop component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue cou...
phpAuction - profile.php SQL Injection (2)
phpAuction - profile.php SQL Injection 2 source: https://www.securityfocus.com/bid/29856/info PHPAuction is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...
phpmycart-sql.txt
PHPMyCart Injection Vulnerability Bug by: h0yt3r Script suffers from a not correctly verified category id variable which is used in SQL Querys. An Attacker can easily get sensitive information from the database by injecting unexpected SQL Querys. We dont get any SQL Errors when the Injection Quer...
revokebbrc11-sql.txt
!/usr/bin/python """ ================================================================================================= / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ================================================================================================= This is a public Exploit...
AbleSpace 1.0 - 'adv_cat.php' SQL Injection
source: https://www.securityfocus.com/bid/29369/info AbleSpace is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify dat...
mxsystem-sql.txt
Name : MX-System 2.7.3 index.php page Remote SQL Injection Vulnerability Author : cOndemned Dork : intext:Powered by MX-System 2.7.3 Greetz : ZaBeaTy, str0ke, doctor, Avantura /3 PoC : http://target/path/index.php?page=-1+union+select+1,2,3,4,5,concatwschar58,version,user,now/...
eCMS 0.4.2 - Multiple Vulnerabilities
eCMS 0.4.2 - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/29304/info eCMS is prone to multiple security vulnerabilities, including a security-bypass issue and an SQL-injection issue. Exploiting these issues may allow an attacker to bypass certain security restrictions and ga...
OtherLogic - 'vocourse.php' SQL Injection
source: https://www.securityfocus.com/bid/29139/info OtherLogic is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...
LiveCart 目录脚本id参数SQL注入漏洞
BUGTRAQ ID: 28723 CVECAN ID: CVE-2008-1750 LiveCart是用于创建在线商店的电子商务解决方案。 LiveCart的目录脚本中没有正确地验证对id参数的输入便将其用在了SQL查询中,这允许远程攻击者通过控制SQL查询请求执行SQL注入攻击。 UAB Integry Systems LiveCart 1.1.1 UAB Integry Systems ------------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://livecart.com/...
BatmanPorTaL - 'uyeadmin.asp?id' SQL Injection
source: https://www.securityfocus.com/bid/29057/info BatmanPorTaL is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or...
iGaming CMS 1.5 - 'poll_vote.php' SQL Injection
source: https://www.securityfocus.com/bid/29059/info iGaming CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...