237 matches found
Webspell 4.2.1 search-injection vulnerability and fix-vulnerability warning-the black bar safety net
Webspell 4.2.1 procedures exist to search-typeSQL injectioncould obtain the administrator user password Search injected into the page: http://localhost/webspell/asearch.php?site=search&table=user&column=nickname&exact=true&identifier=userID&searchtemp=searchuser&search= Storm the Admin Password...
Webspell 4.2.1 search-injection vulnerability-a vulnerability warning-the black bar safety net
Webspell 4.2.1 procedures exist to search-typeSQL injectioncould obtain the administrator user password Search injected into the page: http://localhost/webspell/asearch.php?site=search&table=user&column=nickname&exact=true&identifier=userID&searchtemp=searchuser&search= Storm the Admin Password...
Webspell 4.2.1 asearch.php SQL Injection Vulnerability
Exploit for php platform in category web applications ====================================================== Webspell 4.2.1 asearch.php SQL Injection Vulnerability ====================================================== INFORMATION +Name : webspell 4.2.1 asearch.php SQL Injection Vulnerability...
Webspell 4.X safe_query Bypass Vulnerability
Exploit for php platform in category web applications ============================================ Webspell 4.X safequery Bypass Vulnerability ============================================ INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010...
webSPELL 4.x safe_query Bypass
INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster +Vulnerability :...
Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection
Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection ----------------------------Information------------------------------------------------ +Autor : Easy Laster +ICQ : 11-051-551 +Date : 29.09.2010 +Script : Webspell wCMS-Clanscript4.01.02net= static&static Blind SQL Injection Exploit...
Webspell 4.x - safe_query Bypass
Webspell 4.x - safequery Bypass INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster...
Webspell 4.2.1 - asearch.php SQL Injection
Webspell 4.2.1 - asearch.php SQL Injection INFORMATION +Name : webspell 4.2.1 asearch.php SQL Injection Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell 4.2.1 +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet,...
webSPELL wCMS-Clanscript 4.01.02net Blind SQL Injection
----------------------------Information------------------------------------------------ +Autor : Easy Laster +ICQ : 11-051-551 +Date : 29.09.2010 +Script : Webspell wCMS-Clanscript4.01.02net= static&static Blind SQL Injection Exploit +Price : $00,00 +Language :PHP +Discovered by Easy Laster +code...
webSPELL 4.2.1 asearch.php SQL Injection
INFORMATION +Name : webspell 4.2.1 asearch.php SQL Injection Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell 4.2.1 +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster +Vulnerability :...
Webspell wCMS-Clanscript4.01.02net - static Blind SQL Injection
----------------------------Information------------------------------------------------ +Autor : Easy Laster +ICQ : 11-051-551 +Date : 29.09.2010 +Script : Webspell wCMS-Clanscript4.01.02net= static&static Blind SQL Injection Exploit +Price : $00,00 +Language :PHP +Discovered by Easy Laster +code...
Webspell 4.2.1 - 'asearch.php' SQL Injection
INFORMATION +Name : webspell 4.2.1 asearch.php SQL Injection Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell 4.2.1 +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster +Vulnerability :...
Webspell 4.x - safe_query Bypass
INFORMATION +Name : Webspell 4.X safequery bypass Vulnerability +Author : silent vapor +Date : 29.09.2010 +Script : webspell +Price : free +Language :PHP +Discovered by silent vapor +Underground Agents +Greetz to Team-Internet, 4004-Security-Project, Easy Laster +Vulnerability :...
Tomcat自带示例hello.jsp存在XSS跨站脚本漏洞
存在漏洞版本: Tomcat 4.0.0 to 4.0.6 Tomcat 4.1.0 to 4.1.36 Tomcat 5.0.0 to 5.0.30 Tomcat 5.5.0 to 5.5.23 Tomcat 6.0.0 to 6.0.10 漏洞描述: Tomcat 是一个服务端应用。其存在由于用户的非正常输入导致的危险. 远程的用户可以执行跨站脚本攻击. 远程的用户也可以植入 html 来挂马 webSPELL中自带的/sample/web/hello.jsp示例程序存在跨站脚本攻击漏洞,远程攻击者注入任意web脚本或HTML可以借助test参数执行任意的js代码。...
Directory traversal
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. dot dot in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php...
CVE-2009-1912
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. dot dot in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php...
CVE-2009-1912
Directory traversal vulnerability in src/func/language.php in webSPELL 4.2.0e and earlier allows remote attackers to include and execute arbitrary local .php files via a .. dot dot in a language cookie. NOTE: this can be leveraged for SQL injection by including awards.php...
CVE-2009-1912
CVE-2009-1912 affects webSPELL 4.2.0e and earlier. A directory traversal flaw in src/func/language.php lets remote attackers craft a language cookie containing .. to include and execute arbitrary local PHP files; exploitation can progress to SQL injection by including awards.php. The NVD/NVD-deri...
webSPELL 4.2.0e Blind SQL Injection
!/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...
webSPELL <= 4.2.0e (page) Remote Blind SQL Injection Exploit
No description provided by source. !/usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; '/ -.- ------------------oOO------OOo----------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Research Division // 2oo9 |...