CVE-2007-1155

The CVE-2007-1155 entry applies to webSPELL with an unrestricted file upload vulnerability that lets remote authenticated administrators upload and execute arbitrary PHP code via the add squad feature. The root cause is unrestricted upload of PHP files, enabling potential remote code execution. T...

webspell-sql.txt

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -ti...

webspell40-multi.txt

WebSpell Authentication Bypass and arbitrary code execution Vendor : WebSpell URL : http://www.webspell.org/ Version : All Risk : SQL Injection, unchecked file upload Description: webSPELL is a free Content Management System CMS for clans and gaming communities, providing all needed features like...

WebSpell > 4.0 Authentication Bypass and arbitrary code execution

WebSpell Authentication Bypass and arbitrary code execution Vendor : WebSpell URL : http://www.webspell.org/ Version : All Risk : SQL Injection, unchecked file upload Description: webSPELL is a free Content Management System CMS for clans and gaming communities, providing all needed features like...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print " \'/ "; print " -.- "; print " -------------------oOO------OOo-------------------"; print " | webSPELL = v4.01.02 topic Remote SQL Injection |"; print " | coded by DNX |"; print "...

CVE-2007-1019

SQL injection vulnerability in news.php in webSPELL 4.01.02, when registerglobals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388...

Sql injection

SQL injection vulnerability in news.php in webSPELL 4.01.02, when registerglobals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388...

CVE-2007-1019

SQL injection vulnerability in news.php in webSPELL 4.01.02, when registerglobals is enabled, allows remote attackers to execute arbitrary SQL commands via the showonly parameter to index.php, a different vector than CVE-2006-5388...

CVE-2007-1019

CVE-2007-1019 is a SQL injection in the webSPELL 4.01.02 system. The vulnerability occurs in news.php when register_globals is enabled, allowing remote attackers to inject arbitrary SQL via the showonly parameter to index.php (a different vector from CVE-2006-5388). Connected sources confirm the ...

webSPELL <= 4.01.02 (topic) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ======================================================== webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -tid no Valid topic-ID"; print "\n -uid no User-ID, default ...

webSPELL 4.01.02 - topic SQL Injection

webSPELL 4.01.02 - topic SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t...

webSPELL 4.01.02 - &#039;topic&#039; SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV2 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL "; print "\n! Example: perl ws.pl 127.0.0.1 /webspell/ -tid 1 -uid 2 -t myuser"; print "\n! Options:"; print "\n -ti...

webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \'/ "; print " -.- "; print " -------------------oOO------OOo-------------------"; print " | webSPELL v4.01.02 showonly Remote SQL Injection |"; print " | works only with...

webSPELL 4.01.02 (showonly) Remote Blind SQL Injection Exploit

Exploit for unknown platform in category web applications ============================================================== webSPELL 4.01.02 showonly Remote Blind SQL Injection Exploit ============================================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Long;...

webSPELL 4.01.02 - &#039;showonly&#039; Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL v4.01.02 showonly Remote SQL Injection |"; print "\n | works only with registerglobals = on |"; print "\n | coded by...

webSPELL 4.01.02 - showonly Blind SQL Injection

webSPELL 4.01.02 - showonly Blind SQL Injection !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print "\n \'/ "; print "\n -.- "; print "\n -------------------oOO------OOo-------------------"; print "\n | webSPELL v4.01.02 showonly Remote SQL Injection |"; print "\n | works only...

WebSpell Gallery.PHP SQL注入漏洞

WebSpell是一款基于PHP的WEB应用程序。 WebSpell不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是'Gallery.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL脚本代码作为参数数据，可更改原来的SQL逻辑，导致获得敏感信息。 webSPELL 4.1.2 目前没有解决方案提供： http://www.webspell.org/ //webSPELL SQL-injection exploit in gallery.php $xpl = new phpsploit; $xpl-allowredirection1;...

Drupal Acidfree模块节点标题SQL注入漏洞

WebSpell是一款基于PHP的WEB应用程序。 WebSpell不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，获得敏感信息。 问题是脚本对用户提交的Node标题参数缺少过滤，提交恶意SQL脚本代码作为参数数据，可更改原来的SQL逻辑，导致获得敏感信息。 Drupal Acidfree Module 4.7 Drupal Acidfree Module 4.6 厂商解决方案 升级程序： Drupal Acidfree Module 4.6 Drupal acidfree-4.6.x-1.0.tar.gz...

Sql injection

SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492...

CVE-2007-0502

SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492...