161 matches found
ZPanel 10.0.1 - Cross-Site Request Forgery Cross-Site Scripting SQL Injection Password Reset
ZPanel 10.0.1 - Cross-Site Request Forgery Cross-Site Scripting SQL Injection Password Reset Exploit Title: ZPanel = 10.0.1 CSRF, XSS, SQLi, Password Reset Date: 04/11/2012 Exploit Author: pcsjj Vendor Homepage: http://www.zpanelcp.com/ Version: 10.0.1 Software Link:...
Scientific Linux Security Update : mysql on SL5.x i386/x86_64
CVE-2009-4019 mysql: DoS crash when comparing GIS items from subquery and when handling subqueires in WHERE and assigning a SELECT result to a @variable CVE-2009-4028 mysql: client SSL certificate verification flaw CVE-2009-4030 mysql: Incomplete fix for CVE-2008-2079 / CVE-2008-4098 It was...
IBM solidDB ROWNUM Subquery Denial of Service
A denial of service vulnerability has been reported in IBM solidDB...
CVE-2011-4890
The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service daemon crash via a SELECT statement with a ROWNUM condition involving a subquery...
CentOS Update for mysql CESA-2010:0109 centos5 i386
Check for the Version of mysql OpenVAS Vulnerability Test CentOS Update for mysql CESA-2010:0109 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Sun MySQL Database SELECT Subquery Denial of Service
MySQL is a popular open-source implementation of a relational database that supports the Structured Query Language SQL for querying and updating stored data. Communication with the database occurs using the MySQL protocol. As with other database implementations, MySQL has a number of built-in SQL...
mysql security update
CentOS Errata and Security Advisory CESA-2010:0109 Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded...
Moderate: Red Hat Security Advisory: mysql security update
Updated mysql packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL serve...
Galerie 3.2 (pic) WBB Lite Addon Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl Galerie 3.2 galerie.php Remote "Blind" SQL Injection found by: J0hn.X3r exploit written by: J0hn.X3r and electron1x Date: 05.10.2008 Dork: "Galerie 3.2 © 2004 by progressive" Contact: J0hn.X3r + ICQ: 573813 + Mail: J0hn.X3ratgmail.com electron1x ...
JAMM CMS - 'id' Blind SQL Injection
!/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by JAMM" http://www.site.de/cms/?id=blah Ok when we give $id an unexpected value like this we get an SQL Error. Unfortunately the script is so rude that it doesn't want to show us any data when we UNION...
JAMM CMS (id) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================ JAMM CMS id Remote Blind SQL Injection Exploit ================================================ !/usr/bin/perl JAMM CMS id Blind SQL Injection Vulnerability Bug by: h0yt3r Dork: "powered by...
pSys 0.7.0.a (shownews) Remote SQL Injection Vulnerability
No description provided by source. pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid;...
psys-sql.txt
pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...
pSys 0.7.0.a (shownews) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ========================================================== pSys 0.7.0.a shownews Remote SQL Injection Vulnerability ========================================================== pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in...
pSys 0.7.0.a - shownews SQL Injection
pSys 0.7.0.a - shownews SQL Injection pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid;...
linpha131-sql.txt
order = $REQUEST'order'; 188. 189. if$defaultorder != $REQUEST'order' 190. 191. $this-linkaddress .= '&order='.$REQUEST'order'; 192. 193. 194. else 195. 196. $this-order = $defaultorder; 197. 198. 199. 200. // 201. // set sql query string 202. // 203. function setSql$sqlbegin,$sqlwhere 204. 205...
pnphpbb2view-sql.txt
/ i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with PNphpBB2 1.2i and MySQL 5.0.42 Maybe with other...
PNPHPBB2 1.2i - viewforum.php SQL Injection
PNPHPBB2 1.2i - viewforum.php SQL Injection / i PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit i Vulnerable versions: PNphpBB2 You need at least 2 posts in the forum. - Thanks to waraxe for exploit structure... I have saved much time : Tested - Postnuke 0.764 with...
se2911-sql.txt
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love Special Thanks to all the guys of milw0rm IRC channel for theyr help ------------------------------------------------------------------------ "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if...
MyBulletinBoard (MyBB) 1.2.2 - 'CLIENT-IP' SQL Injection
!/usr/bin/perl LOGO Mybb = 4.1 wwork: blind sql-inj ggoogle: Powered By MyBB coded by Elekt antichat.ru Coments ОпиÑание: Работа ÑкÑплойта оÑнована на sql-инъекции в HTTPCLIENTIP. Ðеавторизованный пользователь может...