Lucene search
K

123 matches found

0day.today
0day.today
added 2008/12/17 12:0 a.m.19 views

Lizardware CMS <= 0.6.0 Blind SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,"...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/12/17 12:0 a.m.25 views

Lizardware CMS 0.6.0 - Blind SQL Injection

!/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers where userid=$userid"; return $send; for1..3...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/12/09 12:0 a.m.22 views

phpBB 3 (Mod Tag Board &lt;= 4) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl --------------------------------------------------------------- phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit by athos - stakerathotmaildotit http://bx67212.netsons.org/forum/viewforum.php?f=3...

7.1AI score
Exploits0
0day.today
0day.today
added 2008/12/08 12:0 a.m.17 views

phpBB 3 (Mod Tag Board <= 4) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== phpBB 3 Mod Tag Board = 4 Remote Blind SQL Injection Exploit =============================================================== !/usr/bin/perl...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/10/15 12:0 a.m.28 views

WP Comment Remix 1.4.3 Remote SQL Injection Exploit

No description provided by source. ?php / WP Comment Remix 1.4.3 SQL Injection Proof of Concept By g30rg3x g30rg3xatchxsecuritydotorg Advisory: http://chxsecurity.org/advisories/adv-3-full.txt PoC Mirror: http://chxsecurity.org/proof-of-concepts/wp-comment-remix-143.zip Attention: This is a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/09/21 12:0 a.m.48 views

Invision Power Board &lt;= 2.3.5 Remote SQL Injection Exploit

No description provided by source. ?php errorreportingEALL; /////////////////////////////////////////////////////////////////////// /////////////////////////////////////////////////////////////////////// // IPB = 2.3.5 sql injection exploit // Version 1.0 // written by Janek Vind "waraxe" //...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/06/05 12:0 a.m.23 views

psys-sql.txt

pSys - 0.7.0. alpha shownews SQL Injection Bug by: h0yt3r Bug in here: if isset$REQUEST'shownews' && $REQUEST'shownews' != "" $sqlbefehl="Select titel from $tabnews Where id = '".intval$REQUEST'shownews'."'"; $gettitel = mysqlquery$sqlbefehl,$serverid; $news=mysqlfetcharray$gettitel; $pagetitle =...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2008/04/22 4:0 p.m.22 views

CVE-2008-1918

SQL injection vulnerability in submit.php in PHP-Fusion 6.01.14 and 6.00.307, when magicquotesgpc is disabled and the database table prefix is known, allows remote authenticated users to execute arbitrary SQL commands via the submitinfo parameter in a link submission action. NOTE: it was later...

7.9AI score0.01485EPSS
Exploits1References10
Packet Storm
Packet Storm
added 2008/01/24 12:0 a.m.25 views

cpg1414-sql.txt

table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1 cpg1410\n"; credits; / FUNCTIONS / if...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/22 12:0 a.m.22 views

PHP-Nuke < 8.0 (sid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================= PHP-Nuke version Tested on 7.9 & 6.0 '; if $argc table prefix\n"; print "ex.: " . $argv0 . " phpnuke.org 7\n"; credits; exit; / few definitions / if empty$argv3 $prefix = 'nuke'; define...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/01/22 12:0 a.m.13 views

Coppermine Photo Gallery 1.4.10 - SQL Injection

Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2007/12/31 12:0 a.m.30 views

myphp-sql.txt

Name : MyPHP Forum So we can execute an sql injection thrught the bugged variable $id. PoC: http://Site/faq.php?action=view&id=-1'+union+select+1,concatusername,0x3a,password,3+from+tableprefixmember+where+uid=1/ Sql injection in member.php So $member variable isn't controlled so we can exploit i...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/07/22 12:0 a.m.12 views

WSN Links Basic Edition (displaycat catid) SQL Injection Vulnerbility

No description provided by source. --==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz ...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/07/21 12:0 a.m.49 views

WSN Links Basic Edition - &#039;catid&#039; SQL Injection

--==+================================================================================+==-- --==+ WSN Links Basic Edition SQL Injection Vulnerbility +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SITE: wsnforum.com DORK:...

7AI score
Exploits0
NVD
NVD
added 2007/06/27 12:30 a.m.15 views

CVE-2007-3434

index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...

5CVSS6.1AI score0.02684EPSS
Exploits0References5
Prion
Prion
added 2007/06/27 12:30 a.m.15 views

Code injection

index.php in Pharmacy System 2 and earlier allows remote attackers to obtain sensitive information via a ' quote character in the page parameter, which reveals the table prefix in an error message...

5CVSS6.6AI score0.02684EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/06/27 12:0 a.m.39 views

FreeBSD : wordpress -- XMLRPC SQL Injection (0838733d-1698-11dc-a197-0011098b2f36)

Secunia reports : Slappter has discovered a vulnerability in WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the 'wp.suggestCategories' method in xmlrpc.php is not properly sanitised before being used in SQL queries. This can be exploited to...

6.5CVSS6AI score0.07315EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2007/06/26 12:0 a.m.19 views

pharmacy-sql.txt

--==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SCRIPT DOWNLOAD: PAY...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2007/06/25 12:0 a.m.16 views

Pharmacy System 2.0 (index.php ID) Remote SQL Injection Vulnerability

No description provided by source. --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==-- AUTHOR:...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/06/24 12:0 a.m.15 views

Pharmacy System 2.0 - index.php?ID SQL Injection

Pharmacy System 2.0 - index.php?ID SQL Injection --==+================================================================================+==-- --==+ Pharmacy System v2 AND PRIOR SQL INJECTION VULNERBILITYS +==-- --==+================================================================================+==...

0.2AI score
Exploits0
Rows per page
Query Builder