4789 matches found
Joomla! Component com_schools - SQL Injection
Joomla Component comschools SQL injection author:Mr.tro0oqy email:[email protected] exp: http://server/path/index.php?option=comschools&Itemid=89&schoolid=-53+union+select+1,groupconcatusername,0x3a,password,3,4,5,6,7,8,9,10,11+from+josusers-- demo :...
Adobe RoboHelp Server SQL Injection (CVE-2008-2991)
Adobe RoboHelp Server is a server-based Help solution that provides real-time end-user feedback on Help and knowledge bases. It gathers and logs data about what questions users ask, while searching content and how users navigate through topics. There exists an SQL injection vulnerability in Adobe...
HP-UX PHSS_38783 : HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Unauthorized Access to Data (HPSBMA02406 SSRT080100 rev.2)
s700800 11.X OV NNM7.53 IA-64 Intermediate Patch 21 : Potential security vulnerabilities have been identified with HP OpenView Network Node Manager OV NNM. The vulnerabilities could be exploited remotely to allow execution of arbitrary code or unauthorized access to data. %NASLMINLEVEL 70300 C...
HP-UX Update for Veritas VxFS 3.3/3.5 HPSBUX01218
Check for the Version of Veritas VxFS 3.3/3.5 OpenVAS Vulnerability Test HP-UX Update for Veritas VxFS 3.3/3.5 HPSBUX01218 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
scpig-sql.txt
SoftComplex PHP Image Gallery ctg Remote SQL Injection Velnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc MaiL : [email protected] script : http://www.softcomplex.com/products/phpimagegallery/demo2/ ExploiT & demo...
Flash Player vulnerable in handling cross-domain policy files
Overview Adobe Flash Player contains a vulnerability caused by improper handling of cross-domain policy files. Adobe Flash Player is a player for the Flash media format and enables frame-based animations with sound to be viewed within a web browser. According to Adobe's "About allowing cross-doma...
CaLogic Calendars 1.2.2 (langsel) Remote SQL Injection Vulnerability
Exploit for unknown platform in category web applications ==================================================================== CaLogic Calendars 1.2.2 langsel Remote SQL Injection Vulnerability ====================================================================...
XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability
No description provided by source. XOOPS module wfdownloads SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAiL : [email protected] DORK 1 : allinurl: "modules/wfdownloads/viewcat.php?cid" DORK 2 : allinurl: "modules/wfdownloads" EXPLOIT :...
eurologon-sql.txt
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Eurologon...
Chatwm 1.0 - SelGruFra.asp SQL Injection
Chatwm 1.0 - SelGruFra.asp SQL Injection source: https://www.securityfocus.com/bid/21732/info Chatwm is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an...
Creative Software UK Community Portal 1.1 - 'DiscReply.php?mid' SQL Injection
source: https://www.securityfocus.com/bid/17890/info Creative Community Portal is prone to multiple SQL-injection vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. A successful exploit could allow an...
EV0072.txt
New eVuln Advisory: Magic News Lite PHP Code Execution & Unauthorized Data Modification http://evuln.com/vulns/72/summary.html --------------------Summary---------------- eVuln ID: EV0072 CVE: CVE-2006-0723 CVE-2006-0724 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com...
EV0073.txt
New eVuln Advisory: Magic Downloads Unauthorized Data Modification http://evuln.com/vulns/73/summary.html --------------------Summary---------------- eVuln ID: EV0073 CVE: CVE-2006-0722 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com Software: Magic Downloads Sowtware's Web...
[eVuln] Magic News Lite PHP Code Execution & Unauthorized Data Modification
New eVuln Advisory: Magic News Lite PHP Code Execution & Unauthorized Data Modification http://evuln.com/vulns/72/summary.html --------------------Summary---------------- eVuln ID: EV0072 CVE: CVE-2006-0723 CVE-2006-0724 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com...
[eVuln] Magic Downloads Unauthorized Data Modification
New eVuln Advisory: Magic Downloads Unauthorized Data Modification http://evuln.com/vulns/73/summary.html --------------------Summary---------------- eVuln ID: EV0073 CVE: CVE-2006-0722 Vendor: Reamday Enterprises Vendor's Web Site: http://reamdaysoft.com Software: Magic Downloads Sowtware's Web...
[eVuln] Time Tracking Software Multiple Vulnerabilities
New eVuln Advisory: Time Tracking Software Multiple Vulnerabilities http://evuln.com/vulns/69/summary.html --------------------Summary---------------- eVuln ID: EV0069 CVE: CVE-2006-0689 CVE-2006-0690 CVE-2006-0691 Vendor: TTS Software Software: Time Tracking Software Sowtware's Web Site:...
[security bulletin] SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01218 REVISION: 0 SSRT4702 rev.0 - HP-UX running Veritas 3.3/3.5 unauthorized data access NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. INITIAL RELEASE: 24 August 2005 POTENTIAL...
[SA15857] Emilda User Management Security Bypass Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Hosting Controller 6.1 - resellerresources.asp?jresourceid SQL Injection
Hosting Controller 6.1 - resellerresources.asp?jresourceid SQL Injection source: https://www.securityfocus.com/bid/13806/info Hosting Controller is reported prone to multiple vulnerabilities. These issues can allow an attacker gain unauthorized access to data and carry out SQL injection attacks...
MyPHP Forum 1.0 SQL Injection Exploit
Exploit for unknown platform in category web applications ===================================== MyPHP Forum 1.0 SQL Injection Exploit ===================================== /==========================================/ // GHC - MyPHP Forum - ADVISORY // Product: MyPHP Forum // Version: 1.0 // URL:...