Kados R10 GreenBee - release_id SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Kados R10 GreenBee - 'releaseid' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.kados.info/ Software Link: https://sourceforge.net/projects/kados/ Version: R10 GreenBee Category: Webapps Tested on:...

sqlite3 -- heap-buffer overflow

Google reports: A heap-buffer overflow sometimes a crash can arise when running a SQL request on malformed sqlite3 databases...

Moodle: source code security analysis report

Several vulnerabilities were discovered in Moodle 'Moodle' software: File System Path Manipulation Incorrect User Input Filtration when Using the unserialize Function Incorrect Newline Symbol Filtration in HTTP-response Headers Using Insufficiently Random Generators in Cryptography HttpOnly Cooki...

PHP-Fusion: source code security analysis report

Several vulnerabilities were discovered in PHP-Fusion 'PHP-Fusion' software: Incorrect User Input Filtration when Connecting to External Files File System Path Manipulation Incorrect User Input Filtration when Using Regular Expressions while Calling the pregreplace Function Using Insufficiently...

IceBB 1.0-rc6 - Remote Database Authentication Details

./includes/functions.php, line 73 $ip = empty$SERVER'HTTPXFORWARDEDFOR' ? $SERVER'REMOTEADDR' : $SERVER'HTTPXFORWARDEDFOR'; $ip = $this-cleankey$ip; $input'ICEBBUSERIP' = $ip; ./icebb.php, line 169 $icebb-clientip = $input'ICEBBUSERIP'; ./admin/index.php, line 112 $icebb-adsess =...

GLSA-200705-11 : MySQL: Two Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200705-11 MySQL: Two Denial of Service vulnerabilities mu-b discovered a NULL pointer dereference in itemcmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when...

MySQL: Two Denial of Service vulnerabilities

Background MySQL is a popular multi-threaded, multi-user SQL server. Description mu-b discovered a NULL pointer dereference in itemcmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when sorting certain types of queries on the...

MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================= MyBulletinBoard MyBB escapestring. They don't corrected the function this is a choice ... the bad and they forgot to correct 1 only SQL request. They must correct the problem at...

Microsoft SQL Server (MSSQL) Hello Overflow Vulnerability (Q316333) - Active Check

Microsoft SQL Server MSSQL is prone to a hello overflow vulnerability. SPDX-FileCopyrightText: 2002 Dave Aitel Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...