15 matches found
CVE-2018-25410
SIM-PKH 2.4.1 contains an SQL injection in admin/media.php via the id parameter. In the affected flow, an authenticated attacker can craft GET requests with module=pengurus and act=editpengurus to inject SQL UNION statements, enabling extraction of database information (usernames, database names,...
CVE-2018-25405
The CVE-2018-25405 entry describes SQL injection vulnerabilities in eNdonesia Portal 8.7. Specifically, unauthenticated attackers can inject SQL through mod.php parameters artid, cid, did, contid, and aboutid to retrieve sensitive data (usernames, database names, version details). Metrics show CV...
PT-2026-26923
SimplePress CMS 1.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'p' and 's' parameters. Attackers can send GET requests with crafted SQL payloads to extract sensitive database information...
vBulletin Password Collector via nodeid SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin Password Collector via nodeid SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability found in vBulletin ...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong. This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...
CVE-2022-37062
The CVE-2022-37062 issue affects Teledyne FLIR AX8 thermal sensor cameras version up to and including 1.46.16, due to an insecure design from improper directory access restriction that allows an unauthenticated remote attacker to request a URI containing the path to the SQLite users database and ...
Chcnav P5E GNSS Trust Management Issue Vulnerability
Chcnav P5E GNSS is a Global Positioning System from Chcnav. The Chcnav P5E GNSS suffers from a security vulnerability that can be exploited by an attacker to extract usernames and passwords already on the user's operating system from the FW...
vBulletin 5 - 'index.php/ajax/api/reputation/vote?nodeid' SQL Injection (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injection...
Xerox WorkCentre User Enumeration (SNMP)
This module will do user enumeration based on the Xerox WorkCentre present on the network. SNMP is used to extract the usernames. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox WorkCentr...
FLDS 1.2a Blind SQL Injection
FLDS 1.2a lpro.php id Blind SQL Injection Vulnerability + Discovered By SirGod + Greetz : All my friends + Blind SQL Injection - Get username : http://target/path/lpro.php?id=1 and asciisubstringSELECT username from users limit 0,1,1,196 Query is truepage loads normally.Going to next ascii char...
Buddy Zone 1.5 - view_sub_cat.php?cat_id SQL Injection
Buddy Zone 1.5 - viewsubcat.php?catid SQL Injection --==+================================================================================+==-- --==+ Buddy Zone Version 1.5 SQL Injection Vulnerability +==-- --==+================================================================================+==--...
Particle Wiki 1.0.2 - SQL Injection
Particle wiki = 1.0.2 Remote SQLInjection - Username/Passwordhash Extractor Thanks to UNSECURED SYSTEMS : http://pridels.blogspot.com/2006/06/particle-wiki-sql-inj.html Exploited by FarhadKey from http://www.kapda.ir Username :...
S9Y Serendipity 0.7-beta1 - SQL Injection
Proof of Concept 1 ------------------ Usage: ./sersqlipoc.sh URLtoSerendipityWeblog sersqlipoc.sh ---------8-----------8------------- !/bin/sh echo -n "Username: " curl -I -s "$1/exit.php?urlid=1&entryid=1%20and%200%20union%20select%20username%20from%20serendipityauthors%20where%20authorid%3D1" |...
S9Y Serendipity 0.7-beta1 - SQL Injection
S9Y Serendipity 0.7-beta1 - SQL Injection Proof of Concept 1 ------------------ Usage: ./sersqlipoc.sh URLtoSerendipityWeblog sersqlipoc.sh ---------8-----------8------------- !/bin/sh echo -n "Username: " curl -I -s...
nucleusCMSSQL.txt
!/usr/bin/php ? // Nucleus CMS v3.01 addcoment/itemid SQL Injection Proof of Concept // By aCiDBiTS [email protected] 24-July-2004 // // Nucleus CMS http://nucleuscms.org is a weblog php+mysql application. // // This Proof of Concept dumps the username and MD5password of the admin user placed ...