8 matches found
CVE-2019-20774
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 August 2019...
Design/Logic Flaw
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. A system service allows local retrieval of the user's password. The LG ID is LVE-SMP-190009 August 2019...
CVE-2019-12122
CVE-2019-12122 affects ONAP Portal (Dublin) where calling the endpoint ONAPPORTAL/portalApi/loggedinUser can allow an attacker who has a user’s cookie to retrieve that user’s password from the database. The Red Hat and NVD entries confirm the same issue across all Portal setups. The provided docu...
Invision Community Blog Mod 1.2.4 - SQL Injection Vulnerability
No description provided by source. 1. Open any blog entry 2. Try to reply to any message 3. Push Preview message button Do not post your reply 4. Save source code of opened page to your PC 5. Find this string input type='hidden' name='eid' value='BLOGENTRYID' / 6. Change BLOGENTRYID with this SQL...
BXCP 0.2.9.9 - tid SQL Injection
BXCP 0.2.9.9 - tid SQL Injection x128.net oo website : www.x128.net"; function xssexploit $xsstarget = $SERVER'argv'1 . "/index.php"; $xsshttpget = "?show=topic&tid...
Zorum Forum 3.5 - 'rollid' SQL Injection
!/usr/bin/perl use LWP::UserAgent; ------------------------------------------------------------------------------------------- Zorum forum http://zorum.phpoutsourcing.com/ version 3.5 sql injection exploit by 1dt.w0lf // RusH security team work on all mysql versions...
phpWebSite 0.10.0 - 'module' SQL Injection
!/usr/bin/perl use LWP::Simple; $serv = $ARGV0; $path = $ARGV1; $name = $ARGV2; sub usage print "\nUsage: $0 server path username \n"; print "sever - URL\n"; print "path - path to index.php\n"; print "username - name register user\n\n"; exit ; sub work print qq ---------------------------------...
mybb.pl.txt
!/usr/bin/perl -w SQL Injection Exploit for MyBulletinBoard MyBB .?/ && print "+ User ID is: $1\n"; print "- Unable to retrieve User ID\n" if!$1; $page = m/.?/ && print "+ MD5 hash of password is: $1\n"; print "- Unable to retrieve hash of password\n" if!$1;...