107 matches found
EUVD-2002-0637
Malware in sbrugna...
CVE-2012-4015
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012
MS12-060: Description of the security update for SQL Server 2000 Service Pack 4 QFE: August 14, 2012 View products that this article applies to.Microsoft has released the security bulletin MS12-060. You can view the complete security bulletin by going to of the following Microsoft websites: Home...
某通用型政府建站系统SQL注入
简要描述: RT 详细说明: 山东农友软件公司官网:http://www.nongyou.com.cn/ 案例如下: http://222.135.127.190:7000/gov/SearchInfoSum.aspx?keyword= http://221.2.171.59:8000/gov/SearchInfoSum.aspx?keyword= http://222.135.109.70:8100/gov/SearchInfoSum.aspx?keyword= http://61.133.119.187:8089/gov/SearchInfoSum.aspx?keyword=...
某投稿系统通用型SQL注射漏洞(影响众多企事业单位及学校)
简要描述: 某投稿系统通用型SQL注射漏洞 详细说明: 南京杰诺瀚软件科技有限公司的投稿系统SQL注射漏洞 intitle:投稿系统 技术支持:南京杰诺瀚软件科技有限公司 Web/Login.aspx 页面的 username 参数存在问题 DBA 权限注射 URL:...
Microsoft SQL Server Resolution Overflow
No description provided by source. $Id: ms02039slammer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
Microsoft SQL Server 2000 SQLXML Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5005/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...
Web Wiz Forums 9.68 SQLi Vulnerability
No description provided by source. ========================================= Web Wiz Forums 9.68 SQLi Vulnerability ========================================= Name : Web Wiz Forums 9.68 SQLi Vulnerability Date : june, 9 2010 Vendor url :http://www.webwiz.co.uk/webwizforums/ Platform: Windows...
Microsoft SQL Server 2000 SQLXML Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5004/info SQLXML is a component of SQL Server 2000, which enables SQL servers to receive and send database queries via XML Extensible Markup Language format. Such queries can be sent using various methods of communication...
Microsoft SQL Server 2000 Resolution Service Heap Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5310/info A vulnerability in Microsoft SQL Server 2000 could allow remote attackers to access target hosts. A problem in the SQL Server Resolution Service allows a remote attacker to execute arbitrary code on a vulnerable...
Microsoft SQL Server 2000 Database Consistency Checkers Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5307/info Microsoft SQL Server 2000 includes utilities called Database Consistency Checkers DBCC. Several of these programs contain identical buffer overflows that, when exploited, could allow an attacker to execute...
Microsoft SQL Server 2000 sp_MScopyscript SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5309/info The Microsoft SQL Server 2000 spMScopyscript stored procedure does not sufficiently validate input before passing it to the xpcmdshell extended stored procedure. An attacker with the ability to execute a query o...
大汉版通政府信息公开系统SQL注射2
简要描述: SQL 详细说明: 政府信息公开系统 某处sql注射漏洞 另一个文件里的参数 注入点 zfxxgk/serviceobjectinfo.jsp?servicebm= servicebm过滤不严存在注射 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/serviceobjectinfo.jsp?s ervicebm=" --is-dba --dbs --- Place: GET Parameter: servicebm Type: boolean-based blind Title: AND boolean-based...
大汉版通政府信息公开系统SQL注射
简要描述: 政府信息公开系统 详细说明: 政府信息公开系统 某处sql注射漏洞 注入点 zfxxgk/subjectinfo.jsp?subjectbm= subjectbm参数过滤不严,导致注入 政府网站案例 sqlmap.py -u "http://xxgk.sihong.gov.cn/zfxxgk/subjectinfo.jsp?subjectbm=" --is-dba --dbs payload Place: GET Parameter: subjectbm Type: boolean-based blind Title: AND boolean-based blind -...
[aidSQL] A tool that will aid you when trying to find vulnerable spots in your site
Is a PHP application provided for detecting security holes in your website/s. It's a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. 2013-05-27 NEW aidSQL Release which supports MS SQL SERVER 2000 Database injection and reverse...
CVE-2012-4015
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
Cross site scripting
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
CVE-2012-4015
Cross-site scripting XSS vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that trigger a crafted database entry...
CVE-2012-4015
CVE-2012-4015 concerns a cross-site scripting (XSS) vulnerability in the management screen of myLittleAdmin for SQL Server 2000 from myLittleTools . The flaw allows remote attackers to trigger arbitrary web script or HTML execution via crafted entries in the management interface, which leads to a...
JVN#56373673: myLittleAdmin for SQL Server 2000 vulnerable to arbitrary script execution
myLittleAdmin for SQL server 2000 from myLittleTools is a web-based database management software.The management screen in myLittleAdmin for SQL server 2000 contains a vulnerability that may allow arbitrary script execution. Impact When a user accesses a malicious database entry through the...