
1492 matches found

exploitpack
added 2015/01/04 5:2 p.m., 26 views

Symantec-Endpoint-Protection-Manager

Symantec has an http request handler called ConfigServerHandler that is programmatically restricted to only handle requests that come from localhost. I guess when they wrote this they just assumed that there was never going to be a way to send untrusted input to it since it was always going to be...

0.2 AI score
Exploits: 0

htbridge
added 2014/12/03 12:0 a.m., 82 views

Multiple vulnerabilities in MantisBT

High-Tech Bridge Security Research Lab has discovered multiple vulnerabilities in MantisBT, which can be exploited to perform Cross-Site Scripting (XSS) and SQL injection attacks. Improper access control vulnerability discloses database's credentials (login and password) in plaintext. 1) Cross-Site...

6.5 CVSS, 8.5 AI score, 0.02485 EPSS
Exploits: 4, Affected Software: 1

seebug.org
added 2014/10/30 12:0 a.m., 21 views

Drupal 7.x /includes/database/database.inc SQL Injection Vulnerability

Includes/database/database.inc protected function expandArguments&$query, &$args $modified = FALSE; foreach arrayfilter$args, 'isarray' as $key = $data $newkeys = array; foreach $data as $i = $value $newkeys$key . '' . $i = $value; $query = pregreplace'' . $key . '\b', implode', ',...

7 AI score
Exploits: 0

Hacker One
added 2014/10/17 10:50 a.m., 460 views

Internet Bug Bounty: Drupal 7 pre auth sql injection and remote code execution

Motivation I found a SQL Injection bug in Drupal $value ... $newkeys$key . '' . $i = $value; The function assumes that it is called with an array which has no keys. Example: dbquery"SELECT FROM users where name IN :name", array':name'=array'user1','user2'; Which results in this SQL Statement SELE...

7.5 CVSS, 8.3 AI score, 0.99974 EPSS
Exploits: 20

Exploit DB
added 2014/09/07 12:0 a.m., 40 views

WordPress Plugin Spider Facebook - 'facebook.php' SQL Injection

source: https://www.securityfocus.com/bid/69675/info Spider Facebook plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2014/08/27 12:0 a.m., 13 views

Nagios XI < 2009R1.3 Multiple Vulnerabilities

Binary data 8370.prm...

7.3 AI score
Exploits: 0, References: 1

exploitpack
added 2014/08/11 12:0 a.m., 14 views

WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection

WordPress Plugin GB Gallery Slideshow - wp-adminadmin-ajax.php SQL Injection source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it i...

0.2 AI score
Exploits: 0

Exploit DB
added 2014/08/11 12:0 a.m., 43 views

WordPress Plugin GB Gallery Slideshow - '/wp-admin/admin-ajax.php' SQL Injection

source: https://www.securityfocus.com/bid/69181/info The GB Gallery Slideshow plugin for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the...

7.4 AI score
Exploits: 0

exploitpack
added 2014/08/06 12:0 a.m., 11 views

WordPress Plugin wpSS - ss_handler.php SQL Injection

WordPress Plugin wpSS - sshandler.php SQL Injection source: https://www.securityfocus.com/bid/69089/info The WordPress Spreadsheet plugin wpSS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can...

0.5 AI score
Exploits: 0

Exploit DB
added 2014/08/06 12:0 a.m., 31 views

WordPress Plugin wpSS - 'ss_handler.php' SQL Injection

source: https://www.securityfocus.com/bid/69089/info The WordPress Spreadsheet plugin wpSS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application,...

7.4 AI score
Exploits: 0

seebug.org
added 2014/08/04 12:0 a.m., 41 views

phpmps: Weak Filtering Leads to Injection Vulnerability

Brief description: Without filtering, things go wrong. Detailed description: First, in the global filtering file, addslashesdeep and sqlreplace are both applied only to the values of arrays, so what about the keys... if!getmagicquotesgpc if !empty$GET$GET = addslashesdeep$GET; if !empty$POST$POST = addslashesdeep$POST; $COOKIE = addslashesdeep$COOKIE; $REQUEST = addslashesdeep$REQUEST; if !empty$REQUEST$REQUEST = sqlreplace$REQUES...

7 AI score
Exploits: 0

Zero Day Initiative
added 2014/08/01 12:0 a.m., 25 views

AlienVault OSSIM ws_data SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AlienVault OSSIM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ossim-framework service. The issue lies in the handling of the wsdata parameter d...

7.5 CVSS, 7.5 AI score, 0.01264 EPSS
Exploits: 0, References: 1

Exploit DB
added 2014/07/16 12:0 a.m., 36 views

Joomla! Component Youtube Gallery 4.1.7 - SQL Injection

Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh [email protected] Vendor Homepage: http://www.joomlaboat.com/youtube-gallery Software Link:...

7.5 CVSS, 6.5 AI score, 0.02348 EPSS
Exploits: 6

Packet Storm
added 2014/07/16 12:0 a.m., 46 views

Joomla Youtube Gallery 4.1.7 SQL Injection

Exploit Title: Joomla component comyoutubegallery - SQL Injection vulnerability Google Dork: inurl:index.php?option=comyoutubegallery Date: 15-07-2014 Exploit Author: Pham Van Khanh [email protected] Vendor Homepage: http://www.joomlaboat.com/youtube-gallery Software Link:...

7.5 CVSS, 0.5 AI score, 0.02348 EPSS
Exploits: 6

OpenVAS
added 2014/07/08 12:0 a.m., 40 views

Debian: Security Advisory (DSA-2975-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5 CVSS, 6.3 AI score, 0.01832 EPSS
Exploits: 1, References: 3

seebug.org
added 2014/07/01 12:0 a.m., 15 views

phpCheckZ 1.1.0 - Blind SQL Injection Vulnerability

No description provided by source. phpCheckZ 1.1.0 Blind SQL Injection Vulnerability Name phpCheckZ Vendor http://www.phpcheckz.com Versions Affected 1.1.0 Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-10-19 X. IND...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 15 views

HiveMail 1.2.2/1.3 folders.update.php folderid Variable Arbitrary PHP Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 11 views

DreamLevels Dream Poll 3.0 View_Results.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15849/info Dream Poll is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 19 views

Babe Logger 2.0 - comments.php id Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/15580/info Babe Logger is prone to SQL injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation coul...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 14 views

IPBProArcade 2.5 - Remote SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11719/info A remote SQL injection vulnerability reportedly affects ipbProArcade. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in an SQL query. An attacke...

7.1 AI score
Exploits: 0