309 matches found
Automated SQL Vulnerability Scanner: Whitewidow
Whitewidow is an open source automated SQL vulnerability scanner that can run through a file list or scrape Google for potentially vulnerable websites. It allows automatic file formatting, random user agents, IP addresses, server...
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements...
CVE-2016-2343
CVE-2016-2343 in Patterson Dental Eaglesoft 17 involves a hard-coded database password (sql) used by the dba account, enabling a remote attacker with network access to obtain sensitive patient data from Dental.DB via SQL statements. The affected component is the Eaglesoft database backend; ro...
SQL Attack Results in Breach of Telstra Telecom Pacnet
Telstra’s Pacnet, a telecom service provider primarily based in China and Singapore, suffered a breach early last month that may wind up affecting thousands of customers, including Australia’s Federal Police, the continent’s Department of Foreign Affairs and Trade, and other entities. Telstra, an...
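Discuz x!: A Low-Value SQL Vulnerability
Brief description: Under certain conditions the SQL logic can be broken. Details: This one is a bit unreliable. The unreliable preconditions: 1. http://drops.wooyun.org/papers/1404 2. arp 3. some other way of obtaining siteuniqueid, such as brute-forcing it according to the installation algorithm, or otherwise. In dx/api/google/google.php, inside the ongtt function, there is this code: $posts = getgpc'post' ? explode',', getgpc'post' : array; if$posts $posts0 = intval$posts0; $posts1 = intval$posts1; $posts =...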
MyBB Forum Userbar Plugin (Userbar 2.2) - SQL Injection
No description provided by source. Exploit Title : MyBB Forum Userbar Plugin Userbar v2.2 Author : MarioVs Date : 10/10/2011 Site : http://mariovs.pl/ @ :...
Joomla Component com_hbssearch 1.0 - Blind SQL Injection Vuln
No description provided by source. Joomla Component comhbssearchrtype Blind SQL-injection Author : boom3rang Kosova Hackers Group www.khg-crew.ws Greetz : H!tm@N, KHG, chs, redc00de, pr0xy-ki11er, LiTTle-Hack3r, L1RIDON1. ---------------------------------------- ! authorJoomla HBS/author !...
Taboada Macronews <= 1.0 - SQLi Exploit
No description provided by source. ?php / Exploit Title: Taboada Macronews = 1.0 SQLi Exploit Date: 03rd January 2013 Exploit Author: WhiteCollarGroup Software Link: http://www.scriptbrasil.com.br/download/codigo/7144/ Version: 1.0 Google Dork: intext:Powered by: joaotaboada.com Usage: php...
Digital Interchange Document Library SQL Injection Vulnerability
No description provided by source.
Esoftpro Online Guestbook Pro Multiple Vulnerabilities
No description provided by source. Exploit Title: Esoftpro Online Guestbook Pro Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:5.1 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat...
Esoftpro Online Contact Manager Multiple Vulnerabilities
No description provided by source. Exploit Title: Esoftpro Online Contact Manager Multiple Vulnerability Vendor url:http://www.esoftpro.com/ Version:3 Author: L0rd CrusAd3r aka VSN [email protected] Published: 2010-07-4 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat...
powermovielist 0.14b (sql/xss) Multiple Vulnerabilities
No description provided by source. Found : brainpillow Dork : PowerMovieList 0.14 Beta Copyright Visit : brainpillow.cc, forum.antichat.ru, raz0r.name Mail : [email protected]...
TCW PHP Album Multiple Vulnerabilities
No description provided by source. I'm L0rd CrusAd3r member from Inj3ct0r Team Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: TCW PHP Album Multiple Vulnerability Vendor...
Digital Interchange Calendar SQL Injection Vulnerability
No description provided by source.
DIY Web CMS Multiple Vulnerabilities
No description provided by source. SQL and XSS in DIY Web CMS found by : p0pc0rn 22/2/2011 web : http://www.mydiyweb.com.my dork : intext:powered by DiyWeb SQL - Microsoft JET Database Engine error ----------------------------------------- http://site.com/template.asp?menuid=SQL...
Real-time ASP Calendar SQL Injection Vulnerability
No description provided by source.
webperformance Ecommerce SQL Vulnerability
No description provided by source. webperformance Ecommerce SQL Vulnerability webperformance...
Dimensions buy system sql vulnerability affects to the latest 4. Version 2-bug warning-the black bar safety net
Before using this buy system of the free don't know how to now start charging like This vulnerability has also always been present in several lower versions! Vulnerable file: app/source/articleshow.php ? php if $REQUEST "m" == "Article" && $REQUEST "a" == "showByUname" $uname = $REQUEST"uname"; //n...
Church Edit - Blind SQL Injection
Exploit Title: Church Edit Blind SQL Injection Google Dork: inurl:This website is powered by Church Edit Date: 15/3/2013 Exploit Author: ThatIcyChill Vendor Homepage: http://www.churchedit.co.uk/ Version: Initial Release The fil...
XDcms Sql Injection 6-10
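Brief description: Sql Injection Details: The injection is in the content editing feature of the XDCMS enterprise management system back end, in the file \system\modules\xdcms\content.php: This time it occurs in the edit feature, and the function used is editsave public function editsave $title=safehtml$POST'title';//first injection point: the title field; safehtml is a set of filter rules that can be bypassed with uppercase to inject $commend=intval$POST'commend'; $username=safehtml$POST'username';//second injection point: username; uppercase bypasses the filter...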