48 matches found
mystats (hits.php) Multiple Vulnerabilities exploit
No description provided by source. myStats hits.php Multiple Remote Vulnerabilities Exploit url: http://mywebland.com/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it at your own risk...
ZeroCMS 1.0 SQL Injection Vulnerability
ZeroCMS version 1.0 suffers from a remote SQL injection vulnerability. ZeroCMS v1.0 SQL Injection Vulnerability zerotransactarticle.php articleid POST parameter Vendor: Another Awesome Stuff Product web page: http://www.aas9.in/zerocms Affected version: 1.0 Severity: High CWE: 89 -...
VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability
VoltEdit CMS SQL Injection Admin Login Bypass & Shell Upload Vulnerability...
Edimestre Plus 2.0 SQL Injection
Exploit database separated by exploit type: local, remote, DoS, etc. Official Website: http://www.1337day.com ...
discuz! X1.0 – X1.5 Blind SQL injection exploit & Get Shell - vulnerability warning - the black bar safety net
Exploit Title: discuz! X1.0 - X1.5 Blind SQL injection exploit & Get Shell Date: 06-04-2012 Author: Hacker-Fire Category: webapps Google dork: Powered by Discuz Tested on: Windows 7 P0c: <?php print_r(' Discuz! 1-1...
phxEventManager 2.0 Beta 5 SQL Injection
Exploit Title: phxEventManager 2.0 beta 5 search.php searchterms SQL Injection Vulnerability Date: 01/03/2012 Author: skysbsb Software Link: http://sourceforge.net/projects/phxeventmanager/ Version: Web Application Tested on: Apache/nix Dork: intext: "Powered by phxEventManager" Code : Exploited...
Discuz! X1-1.5 notify_credit.php Blind SQL injection exploit
No description provided by source. <?php print_r(' Discuz! X1-1.5 notify_credit.php Blind SQL injection exploit by toby57 2010.11.05 mail: toby57 at 163 dot com team: http://www.wolvez.org...
PixelPost 1.7.3 - Multiple POST SQL Injections
Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability Vendor: Pixelpost.org Product web page: http://www.pixelpost.org Affected version: 1.7.3 Summary: Pixelpost is an open-source, standards-compliant, multi-lingua...
Pixelpost 1.7.3 SQL Injection
Pixelpost 1.7.3 Multiple POST Variables SQL Injection Vulnerability Vendor: Pixelpost.org Product web page: http://www.pixelpost.org Affected version: 1.7.3 Summary: Pixelpost is an open-source, standards-compliant, multi-lingua...
phpaaCMS V0.3 injection 0day vulnerability - vulnerability warning - the black bar safety net
I accidentally came across a PHP site. Since I have studied very little PHP, I only took a cursory look: it is phpaaCMS, not a large-scale CMS. Out of habit I appended a “'” and, unexpectedly, it threw an error! You have an error in your SQL syntax; check the manual that corresponds to your MySQL...
phpaaCMS V0.3 injection vulnerabilities - vulnerability warning - the black bar safety net
H4ckx7's Blog: I accidentally came across a PHP site. Since I have studied very little PHP, I only took a cursory look: it is phpaaCMS, not a large-scale CMS. Out of habit I appended a “'” and, unexpectedly, it threw an error! You have an error in your SQL syntax; check the manual that corresponds...
Billwerx RC 3.1 XSS / SQL Injection
Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context of the admin's browser. If the user...
Billwerx RC v3.1 Multiple Vulnerabilities
No description provided by source. Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context o...
Billwerx RC 3.1 - Multiple Vulnerabilities
Billwerx RC v3.1 Multiple Vulnerabilities Found By: mrme Download: http://www.billwerx.com/download.php Tested On: Windows Vista Note: For educational purposes only XSS POC: A regular employee can embed javascript code that could be executed within the context of the admin's browser. If the user...
WordPress Plugin My Category Order 2.8 - SQL Injection
Source: WordPress Plugin: My Category Order = 2.8 mycategoryorder.php / SQL Injection Vulnerability Download: http://wordpress.org/extend/plugins/my-category-order/ No Dork Author: ManhLuat93 at hcegroupdotnet Errors appear only when you have admin control Open mycategoryorder.php Line 47-48: if...
CVE-2006-0727
CVE-2006-0727 describes a SQL injection in mstrack.php of MusOX DF MSAnalysis (DFMSA), used with CPG-Nuke Dragonfly CMS. An attacker can trigger path disclosure via a SQL syntax error and may be able to execute arbitrary SQL commands. The affected software is MusOX DF MSAnalysis as used in Dragon...
CVE-2006-0590
MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to index.php, which leads to path disclosure, possibly related to invalid SQL syntax...
Path traversal
MyTopix 1.2.3 allows remote attackers to obtain the installation path via an invalid hl parameter to index.php, which leads to path disclosure, possibly related to invalid SQL syntax...
CVE-2005-4346
Invalid SQL syntax error in blog.php in phpBB Blog 2.2.2 and earlier allows remote attackers to obtain the full path of the application via an invalid permalink parameter to index.php, which produces an invalid SQL query that leaks the full pathname in a SQL syntax error message. NOTE: this was...