26 matches found
CVE-2006-1288
Multiple SQL injection vulnerabilities in Invision Power Board IPB 2.0.4 and 2.1.4 before 20060105 allow remote attackers to execute arbitrary SQL commands via cookies, related to 1 arrays of id/stamp pairs and 2 the keys in arrays of key/value pairs in ipsclass.php; 3 the topics variable in...
phpWebSite 0.10.0-full - 'topics.php' SQL Injection
!/usr/bin/perl advisory sent in by SnIpErSA selfar2002athotmail.com http://www.target.com/topics.php?op=viewtopic&topic=-1%20Union%20select%20name,name,pass,name%20From%20users%20where%20uid=1 ported by str0ke milw0rm.com from x97Rangs code RST/GHC http://rst.void.ru use LWP::Simple; $serv =...
phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl advisory sent in by SnIpErSA selfar2002athotmail.com http://www.target.com/topics.php?op=viewtopic&topic=-1%20Union%20select%20name,name,pass,name%20From%20users%20where%20uid=1 ported by str0ke milw0rm.com from x97Rangs code RST/GHC...
phpWebSite 0.10.0-full - topics.php SQL Injection
phpWebSite 0.10.0-full - topics.php SQL Injection !/usr/bin/perl advisory sent in by SnIpErSA selfar2002athotmail.com http://www.target.com/topics.php?op=viewtopic&topic=-1%20Union%20select%20name,name,pass,name%20From%20users%20where%20uid=1 ported by str0ke milw0rm.com from x97Rangs code RST/GH...
phpWebSite <= 0.10.0-full (topics.php) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== phpWebSite = 0.10.0-full topics.php Remote SQL Injection Exploit =================================================================== !/usr/bin/perl advisory sent in by...
Invision Power Board < 2.0.4 Multiple Vulnerabilities (SQLi, XSS)
According to its banner, the version of Invision Power Board on the remote host suffers from multiple vulnerabilities : - SQL Injection Vulnerability The application fails to sanitize user-input supplied through the 'passhash' cookie in the 'sources/login.php' script, which can be exploited to...