93 matches found
e-ticketing - SQL Injection
'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TESTED VERSION...
Tap In Solutions Blind SQL Injection
========================================================================== Exploit Title: Tap In Solutions Blind SQL Injection Vulnerability Date: 17.10.2011 Author: poach3r Software Link: http://www.tapinsolutionsinc.com/ Tested on: Windows XP SP3 Google Dork: inurl:event.php?eventid= powered by...
CVE-2010-3481
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 username and 2 password variables, possibly related to include/classes/Login.php. NOTE: some of these details are...
PHP-Fusion 4.01 - SQL Injection
Exploit Title: PHP-Fusion v4.01 SQL INJECTION Vulnerabilities Date: 17/05/2010 Author: Ma3sTr0-Dz Software Link: http://www.php-fusion.co.uk Version: 4.01 CVE : N/A Code : exploit code =======================================================PHP-Fusion v4.01 SQL INJECTION...
PHPKit 1.6.1 - 'mailer.php' SQL Injection
Phpkit 1.6.1 SQL Injection member.php | | ||| | | | | | -| .'| || | | | -| | | -| | || ||,|||| ||||| ||| ||||| Script: Phpkit 1.6.1 SQL Injection member.php Vulnerabilities SQL Injection Language: PHP Download: this script is for free Founder: ea$y laster Peace to -tmh- ,0qwl ,Crypter ,Dr.ChAoS...
ita-forum 5.1.32 SQL Injection
No description provided by source. / + Homepage : www.1923turk.biz / EXPLOIT : http://server/index.php?cat=-89+union+select+1,2,3,concatusername,0x3a,userpass,5,6,7,8,9,0,1,2,3,4,5+from+itafuser-- ----------------------------------------------- Manas58 Delibey Tiamo...
CVE-2009-3259
Multiple SQL injection vulnerabilities in RASH Quote Management System RQMS 1.2.2 allow remote attackers to execute arbitrary SQL commands via 1 the search parameter in a search action, 2 the quote parameter in a quote addition, or 3 a UserName cookie in unspecified administrative actions. NOTE:...
Bus Script - 'sitetext_id' SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability aboutus.php sitetextid Bus Script http://www.tourismscripts.com/ AuTh0r : Mr.SQL H0ME : WwW.55a.NeT Email : [email protected] -: ExploiteS :- www.TraGeT.CoM/aboutus.php?sitetextid=-1'+UNION+SELECT+0,CONCATWS0x3a3a,username,password,0+FROM+user...
CVE-2008-6608
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via 1 the username parameter aka user field to admin/index.php, 2 the userpass parameter aka pass field to admin/index.php, or 3 the id parameter to...
Cross site scripting
Cross-site scripting XSS vulnerability in register.php in Arcadwy Arcade Script CMS allows remote attackers to inject arbitrary web script or HTML via the username field username parameter...
PHP-Fusion Mod Book Panel - 'bookid' SQL Injection
/+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\ + + + |----------------------------------------------------------------| + + | PHP-Fusion Mod - Book Panel Remote SQL Injection Vulnerability | + +...
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to gallerycategory.php, 2 photoid parameter to galleryphoto.php, and the 3 username and 4 userpass parameters to admin/index.php. NOTE: some...
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the 1 catid parameter to gallerycategory.php, 2 photoid parameter to galleryphoto.php, and the 3 username and 4 userpass parameters to admin/index.php. NOTE: some...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in interface/Login.php in TimeTrex 2.2.11 allow remote attackers to inject arbitrary web script or HTML via the 1 password and 2 username parameters...
CVE-2008-4523
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter...
Sql injection
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter...
CVE-2008-4523
CVE-2008-4523 describes a SQL injection in login.php for IP Reg 0.4 and earlier, exploitable via the user_name parameter to run arbitrary SQL commands remotely. The vulnerability is evidenced in multiple sources (NVD, CVE listings, and related references) with a CVSS v2 base score of 7.5 (HIGH) a...
CVE-2008-4523
SQL injection vulnerability in login.php in IP Reg 0.4 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter...
seportal-sql.txt
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability SePortal V2.4 poll.php pollid staticpages.php spid AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.ATsDp.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : SePortal V2.4 site : www.seportal.org Download :...
@CMS 2.1.1 - SQL Injection
Viva IslaM Viva IslaM Remote SQL Injection Vulnerability @CMS 2.1.1 readarticle.php articleid AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.ATsDp.CoM Email : [email protected] !! SYRIAN HaCkErS !! Script : @CMS 2.1.1 site : www.atcode.net -:: SQL ::-...