308 matches found
European Space Agency SQL vulnerability exploited
The European Space Agency ESA is an intergovernmental organisation dedicated to the exploration of space. Hacker going by name "SlixMe" find and exploit SQL Injection vulnerability on a sub domain of website. Hacker upload dump on his website, where he disclose the SQLi vulnerable link and Databa...
anwsion注入很普通in注入
简要描述: anwsion注入很普通in注入 详细说明: system/class/clsactionlogclassinc.php 472代码; public static function getactionsdistintbywhere 类 $sql = "SELECT MAXhistoryid historyid FROM " . gettable'useractionhistory' . " WHERE " . $where . " GROUP BY associateid, associatetype ORDER BY historyid DESC";...
2Point Solutions XSS / SQL Injection / Local File Inclusion
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
Joomla! Component com_icagenda - 'id' Multiple Vulnerabilities
Souhail Hammou - Independant Security Researcher & Penetration Tester . Facebook : www.facebook.com/dark.puzzle.sec E-mail : [email protected] Greetings to all moroccan researchers and white hats . ------------------------------------------------------------------------------ Exploit Title:...
phpcms v9. 1. 1 5 sql and XSS exploits-vulnerability warning-the black bar safety net
phpcms v9. 1. 1 5 The official demo site has been updated to 9.1.16: the http://v9.demo.phpcms.cn/ XSS public function publicgetsuggestkeyword $url = $GET'url'.'& q='.$ GET'q'; echo $url; $res = @filegetcontents$url; ifCHARSET != 'gbk' $res = iconv'gbk', CHARSET, $res; echo $res; Use method:...
Element C2 SQL Injection
---------------------------------------------------------------- Element C2 SQL Injection ---------------------------------------------------------------- Exploit Title: Element C2 SQL Injection Author: Hack Center Security Team Discovered By : Net.W0lf Software Link: www.elementc2.com Impact :...
Joomla ICAgenda SQL Injection / Path Disclosure
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x Official Website: http://www.1337day.com 0 1 x...
Joomla Board All Version Sql Vulnerability
Exploit Title : Joomla Board All Version Sql Vulnerability Author : Iranian Security & Research Team Discovered By : Nafsh Home : sec-lab.ir Contact : research at sec-lab dot ir Date : 22/1/2012 - 13:30 Software Link : www.joomla.org Security Risk : High...
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection ======================================================================================== | Title : Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability | Author : Easy Laster | Script : Webspell FIRSTBORN Movie-Addon | Site :...
Script-KS 4.0.2 - SQL/XSS Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 x...
WebTriad SQL Injection
Exploit Title: WebTriad SQL Injection Author: Th4 MasK Contact to ; [email protected] Vendor : http://www.webtriad.com.br/ Date : 19.02.2012 Platform : Php Demo Site : http://revistafocus.com/municipios.php?id=44SQL Virüslerden Önce Akil Var. Bilinmezlik DiyarinDan Olmassa Olmazimdir Bazi...
MangosWeb - SQL Injection
MangosWeb - SQL Injection EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev Team...
MangosWeb SQL Vulnerability
Exploit for php platform in category web applications EXPLOIT TITLE: MangosWeb SQL Vulnerability Author: BY Hood3dRob1n Greetz: 1337day Inj3ct0r Exploit DataBase 1337day.com AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DOR...
Ecava IntegraXor SQL
Overview ICS-CERT has received a report from independent security researcher Dan Rosenberg with Virtual Security Research VSR of an unauthenticated Structured Query Language SQL vulnerability in the Ecava IntegraXor human machine interface HMI product that could allow data leakage, data...
Joomla Matrimony SQL Injection
Exploit Title: Joomla Component commatrimony SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : inurl:index.php?option=commatrimony Status : High-Risk SQL Vulnerability http://127.0.0.1/PATH/index.php?option=commatrimony&action=view&id=2 SQL SQL Exploit...
jPORTAL 2 (comment.php id) Remote SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: jPORTAL 2 SQL Injection Vulnerabilitiy Google Dork: "powered by jPORTAL 2" Date: 8/12/2011 Author: H4ckCity Security Team Discovered By: farbodmahini Home: WwW.H4ckCity.Org Software Link: http://jportal2.com/ Version: All Versio...
Oracle Application Server Unspecified Vulnerability (cpuapr2006)
Oracle Application Server AS is prone to an uspecified vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Blogs manager <= 1.101 SQL Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------------ Blogs manager = 1.101 SQL Injection Vulnerability ------------------------------------------------------------------------ author............: muuratsalo Revshell.com...
hzhost6. 5 Hua public virtual host management system latest SQL vulnerability-vulnerability warning-the black bar safety net
This vulnerability out in the channeldmectr. asp this file,with no filtering of any parameter. Just here I have a genuine copy of the patch,open a look,patched the channeldmectr. asp file in the 2 1 row to the 4 row 0,add the following code: Program code Function SafeRequestParaName Dim ParaValue...
Marinet CMS - 'room.php' Blind SQL Injection
==================================================== MARINET CMS room.php = Blind SQL Vulnerability ==================================================== Exploit Title: MARINET CMS room.php = Blind SQL Vulnerability Date: 30 - 09 - 2011 Author: BHG Security Center Software Link:...