3942 matches found
CVE-2009-3325
CVE-2009-3325 describes an SQL injection in the Joomla! component com_surveymanager (Survey Manager) from Focusplus Developments, version 1.5.0. The vulnerability is triggered via the stype parameter in the editsurvey action to index.php, allowing remote attackers to execute arbitrary SQL command...
Joomla com_surveymanager SQL injection vulnerability - (stype)
No description provided by source. Joomla com_surveymanager SQL injection vulnerability - stype Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 19, 2009 -=- KILL-9 CREW -=-...
Joomla Survey Manager 1.5.0 SQL Injection
Joomla com_surveymanager SQL injection vulnerability - stype Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : September 19, 2009 -=- KILL-9 CREW -=- INDONESIANCODER -=- Software Information +...
BF Survey Pro Component for Joomla! 'table' Parameter SQLi
The version of BF Survey Pro or BF Survey Pro Free for Joomla! running on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input to the 'table' parameter in a POST request when 'task' is set to 'updateOnePage' before using it to construct...
Joomla Component BF Survey Pro Free SQL Injection Exploit
No description provided by source. ?php echo 'h2Joomla Component BF Survey Pro Free SQL Injection Exploit/h2'; echo 'h4jdc 2009/h4'; echo 'pGoogle dork: inurl:combfsurveyprofree/p'; iniset "memorylimit", "128M" ; iniset "maxexecutiontime", 0 ; settimelimit 0 ; if !isset $GET'url' die 'Usage:...
Joomla BF Survey Pro Free SQL Injection
Joomla Component BF Survey Pro Free SQL Injection Exploit'; echo 'jdc 2009'; echo 'Google dork: inurl:combfsurveyprofree'; iniset "memorylimit", "128M" ; iniset "maxexecutiontime", 0 ; settimelimit 0 ; if !isset $GET'url' die 'Usage: '.$SERVER'SCRIPTNAME'.'?url=www.victim.com' ; $vulnerableFile =...
Joomla! Component BF Survey Pro Free - SQL Injection
Joomla! Component BF Survey Pro Free - SQL Injection Joomla Component BF Survey Pro Free SQL Injection Exploit'; echo 'jdc 2009'; echo 'Google dork: inurl:combfsurveyprofree'; iniset "memorylimit", "128M" ; iniset "maxexecutiontime", 0 ; settimelimit 0 ; if !isset $GET'url' die 'Usage:...
Joomla! Component BF Survey Pro Free - SQL Injection
Joomla Component BF Survey Pro Free SQL Injection Exploit'; echo 'jdc 2009'; echo 'Google dork: inurl:combfsurveyprofree'; iniset "memorylimit", "128M" ; iniset "maxexecutiontime", 0 ; settimelimit 0 ; if !isset $GET'url' die 'Usage: '.$SERVER'SCRIPTNAME'.'?url=www.victim.com' ; $vulnerableFile =...
Joomla Component BF Survey Pro Free SQL Injection Exploit
Exploit for unknown platform in category web applications. Joomla Component BF Survey Pro Free SQL Injection Exploit. Joomla Component BF Survey Pro Free SQL Injection Exploit'; echo...
Smart ASP Survey - 'catid' SQL Injection
source: https://www.securityfocus.com/bid/43370/info Smart ASP Survey is prone to a SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting the vulnerability could allow an attacker to steal cookie-based authentication credentials, compromise the...
Smart ASP Survey - catid SQL Injection
Smart ASP Survey - catid SQL Injection source: https://www.securityfocus.com/bid/43370/info Smart ASP Survey is prone to a SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting the vulnerability could allow an attacker to steal cookie-based...
SQL injection
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2009-2776
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-2009-2776
CVE-2009-2776 is a SQL injection vulnerability affecting Smart ASP Survey’s showresult.asp, exploitable via the catid parameter to execute arbitrary SQL commands remotely. Public records consistently describe the flaw as a SQL injection in showresult.asp, with no additional details on patched ver...
CVE-2009-2776
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter...
Miniweb 2.0 Module Survey Pro - Blind SQL Injection Cross-Site Scripting
Miniweb 2.0 Module Survey Pro - Blind SQL Injection Cross-Site Scripting I AM MUSLIM !! IN T...
Miniweb 2.0 Module Survey Pro (bSQL/XSS) Multiple Vulnerabilities
No description provided by source. I AM MUSLIM !! IN THE NAME OF ...
Miniweb 2.0 Module Survey Pro (bSQL/XSS) Multiple Vulnerabilities
Exploit for unknown platform in category web applications. Miniweb 2.0 Module Survey Pro bSQL/XSS Multiple Vulnerabilities ...
Miniweb 2.0 Survey Pro SQL Injection / XSS
I AM MUSLIM !! IN THE NAME OF ...
Smart ASP Survey SQL Injection
I AM MUSLIM !! IN THE NAME OF ...