23 matches found
EUVD-2015-9331
Malware in sbrugna...
EUVD-2005-0830
Malware in sbrugna...
SourceCodester Gym Management System SQL Injection Vulnerability
SourceCodester Gym Management System is a gym management system from SourceCodester, an American company. The system is developed in C and SQL Server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, databas...
CVE-2020-13764
common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user->get($property) call...
CVE-2015-9482
The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015-05-15 for WordPress allows remote attackers to obtain sensitive information such as userlogin, userpass, and useremail values via a direct request for the wp-content/uploads/tmmdbmigrate/wpusers.dat URI...
FreiChat 9.6 - SQL Injection
FreiChat 9.6 - SQL Injection / Exploit Title: FreiChat 9.6 SQL Injection Date: 27-11-2014 Software Link: http://codologic.com/page/freichat-free-php-chat-script-software Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1...
CVE-2015-2843
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) userpass parameter in gologin.php or the PATH_INFO to (3) gologin/validatecredentials/admin/ or (4) index.php/gosite/gogetuserinfo/...
SQL Injection
Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) userpass parameter in gologin.php or the PATH_INFO to (3) gologin/validatecredentials/admin/ or (4) index.php/gosite/gogetuserinfo/...
Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection
Exploit for php platform in category web applications Exploit Title: Cart66 Lite WordPress Ecommerce 1.5.1.17 Blind SQL Injection Date: 29-10-2014 Exploit Author: Kacper Szurek - http://security.szurek.pl/ http://twitter.com/KacperSzurek Software Link:...
WordPress Sharebar 1.2.1 SQL Injection / Cross Site Scripting
Hi, we have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...
Studio Manolibera Listarivisteuk SQL Injection
Exploit Title: Listarivisteuk SQL Injection Author: Th4 MasK Contact to ; [email protected] Date : 27.01.2012 Platform : Php Dork: listarivisteuk.php?Id?= Demo Site : http://www.fgda.org/listarivisteuk.php?Id=1 Exploit :...
WordPress Plugin SermonBrowser 0.43 - SQL Injection
WordPress Plugin SermonBrowser 0.43 - SQL Injection alert0 FPD : http://site/wp/wp-content/plugins/sermon-browser/sermon.php -== Start ==- "; $t=array"dbusr"="user","dbver"="version","dbnam"="database","usrnm"="userlogin","passwd"="userpass"; function text2hex$string $hex = ''; $len = strlen$stri...
WordPress and Pyrmont V2. SQL Injection Vulnerability
Exploit for unknown platform in category web applications. WordPress and Pyrmont V2. SQL Injection Vulnerability. Plugin Home:...
ita-forum 5.1.32 SQL Injection
No description provided by source. / + Homepage : www.1923turk.biz / EXPLOIT : http://server/index.php?cat=-89+union+select+1,2,3,concatusername,0x3a,userpass,5,6,7,8,9,0,1,2,3,4,5+from+itafuser-- ----------------------------------------------- Manas58 Delibey Tiamo...
Phenotype CMS 2.8 - login.php?user Blind SQL Injection
Phenotype CMS 2.8 - login.php?user Blind SQL Injection Phenotype v2.8 Blind Sql Injection AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...
CVE-2008-6608
Multiple SQL injection vulnerabilities in DevelopItEasy Events Calendar 1.2 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter (aka user field) to admin/index.php, (2) the userpass parameter (aka pass field) to admin/index.php, or (3) the id parameter to...
CVE-2008-6348
Multiple SQL injection vulnerabilities in DevelopItEasy Photo Gallery 1.2 allow remote attackers to execute arbitrary SQL commands via the (1) catid parameter to gallerycategory.php, (2) photoid parameter to galleryphoto.php, and the (3) username and (4) userpass parameters to admin/index.php. NOTE: some...
Pligg CMS 9.9.0 - 'story.php' SQL Injection
Pligg Beta 9.9.0 id Remote SQL Injection Vulnerability. Author: Hussin X. Home: www.tryag.cc/cc. Email: darkangelg85atYahooDoTcom. Script: http://www.pligg.com/. Dork: Powered By Pligg. Legal: License...
Wordpress Plugin Download (dl_id) SQL Injection Vulnerability
Exploit for unknown platform in category web applications. Wordpress Plugin Download dlid SQL Injection Vulnerability. Wordpress Plugin Download file Remote SQL Injection...