CVE-2011-5137

Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the 1 TopicID parameter to viewtopic.php, the 2 BoardID parameter to viewboard.php, or 3 CatID parameter to viewcat.php...

bcoos1013-sql.txt

!/usr/bin/perl -w ============================================ bcoos 1.0.13 Remote SQL Injection Exploit ============================================ ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------|...

bcoos 1.0.13 (viewcat.php cid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== bcoos 1.0.13 viewcat.php cid Remote SQL Injection Exploit =========================================================== !/usr/bin/perl -w ===========================================...

xhresim-sql.txt

XOOPS 1.0 RC 3.0.4 Module myAlbum - Remote SQL Injection www.xoops.org ---------------------------------------------------------- Bug founded by d3v1l Date: 20.09.2007 [email protected] ----------------------------------------------------------- Greetz tO:- Security-Shell Members...

Sql injection

SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2008-1889

SQL injection vulnerability in viewcat.php in XplodPHP AutoTutorials 2.1 and earlier, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter...

Sql injection

SQL injection vulnerability in viewcat.php in the Photo 3.02 module for RunCMS allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2008-1551

CVE-2008-1551 affects the Photo 3.02 module for RunCMS (viewcat.php) with an SQL injection via the cid parameter, enabling remote execution of arbitrary SQL commands. The NVD entry rates it High (CVSS v2.0 7.5) with network access and no authentication. References include X‑Force, Secunia, Exploi...

CVE-2008-1349

SQL injection vulnerability in viewcat.php in the bamaGalerie Bama Galerie 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL commands via the cid parameter...

CVE-2008-1349

SQL injection vulnerability in viewcat.php of the bamaGalerie (Bama Galerie) 3.03 and 3.041 module for eXV2 2.0.6 allows remote attackers to execute arbitrary SQL via the cid parameter. Affected component: viewcat.php within the bamaGalerie module; root cause: input from cid not being safely hand...

exv2-sql.txt

eXV2 Module bamaGalerie 3.03 SQL Injection download=http://www.exv2-filecenter.de/modules/mydownloads/singlefile.php?lid=9 AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORKS 1 : allinurl :"modules/bamagalerie3" DORKS 2 : allinurl...

eXV2 Module bamaGalerie 3.03 - SQL Injection

eXV2 Module bamaGalerie 3.03 - SQL Injection eXV2 Module bamaGalerie 3.03 SQL Injection download=http://www.exv2-filecenter.de/modules/mydownloads/singlefile.php?lid=9 AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAÄ°L : [email protected] DORKS 1 : allinurl...

XOOPS Module wfdownloads (cid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= XOOPS Module wfdownloads cid Remote SQL Injection Vulnerability ================================================================= XOOPS module wfdownloads SQL Injection DORK...

XOOPS Module wflinks SQL Injection(cid)

XOOPS Module wflinks SQL Injectioncid AUTHOR : S@BUN HOME 1 : http://www.milw0rm.com/author/1334 MAL : [email protected] DORK 1 : allinurl: modules/wflinks/viewcat.php DORK 2 : allinurl: modules/wflinks example http://xxxxxx.com/modules/wflinks/viewcat.php?cid= exploit EXPLOIT :...

Sql injection

SQL injection vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to execute arbitrary SQL commands via the CatID parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in ViewCat.php in iTechClassifieds 3.0 allows remote attackers to inject arbitrary web script or HTML via the CatID parameter...

CVE-2008-0684

CVE-2008-0684 documents a cross-site scripting (XSS) vulnerability in ViewCat.php of iTechClassifieds 3.0, exploitable via the CatID parameter to inject arbitrary web script/HTML. The root cause is lack of proper input validation/sanitization in Category ID handling, allowing attacker-supplied in...

CVE-2008-0685

The CVE-2008-0685 entry concerns a SQL injection in ViewCat.php of iTechClassifieds 3.0, exploitable via the CatID parameter to yield arbitrary SQL commands on the backend. Affected component is the ViewCat.php code path in iTechClassifieds 3.0, with the underlying issue being improper handling o...

ITech Classifieds Multiple Remote Vulnerabilities

Title : ITech Classifieds Multiple Remote Vulnerabilities Author : CrackersChild Bug : SQL Injection + XSS Demo : http://itechclassifieds.com/demo/ Exp : /ViewCat.php?CatID=scriptAlertdocument.cookie/script Exp : /ViewCat.php?CatID=SQL Injection / Greetz : www.aq.com www.sibersavascilar.com...

Sql injection

Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the suserid parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already...