WordPress Tagged Albums SQL Injection
In the name of GOD Exploit Title: Wordpress taggedalbums plugin SQL Injection Vulnerability Google Dork: inurl:"/wp-content/plugins/taggedalbums" Exploit Author: Ashiyane Digital Security Team Category: Web Application Expl0iTs : Target/wp-content/plugins/taggedalbums/image.php?id=sql D3m0 :...
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection
Webspell FIRSTBORN Movie-Addon - Blind SQL Injection ======================================================================================== | Title : Webspell FIRSTBORN Movie-Addon Blind SQL Injection Vulnerability | Author : Easy Laster | Script : Webspell FIRSTBORN Movie-Addon | Site :...
SoftXMLCMS Shell Upload
Exploit Title : softxmlcms Shell Upload Vulnerability Google Dork : Powered by softxmlcms Date : 2011-04-15 Author : Alexander Software Link : http://www.softxml.com Test On : Windows/asp/php CVE : Web Applications === Exploit === http://server/patch/XMLEditor2.0/uploadfile1.asp Select the Choose...
recordpress 0.3.1 - Multiple Vulnerabilities
---------------------------------------------------------------- WebApplication : RecordPress 0.3.1 Type of vulnerability : CSRF Change Admin Password And XSS Risk of use : Medium ---------------------------------------------------------------- Producer Website : http://www.recordpress.org/...
Ruubik CMS 1.0.3 Cross Site Request Forgery / Cross Site Scripting
---------------------------------------------------------------- WebApplication : RuubikCMS Version 1.0.3 Type of vulnerability : CSRF Change Admin Password And XSS Risk of use : Medium ---------------------------------------------------------------- Producer Website : http://www.ruubikcms.com/...
XSS in filter.subscription.prefix.monthDay parameter of /secure/FilterSubscription.jspa
http://172.16.230.130:8080/secure/FilterSubscription.jspa?filter.subscription.prefix.interval=180&groupName=jira-users&filter.subscription.prefix.runFromMins=00&nextRun=&filter.subscription.prefix.runToMins=00&filter.subscription.prefix.runToMeridian=pm&filter.subscription.prefix.week=2&filter.su...
Calpine Technologies BSQL Injection Vulnerability
Exploit for php platform in category web applications ================================================= Calpine Technologies BSQL Injection Vulnerability ================================================= Iranian Datacoders Security...
eTicket pri Parameter Multiple SQLi Vulnerabilities
eTicket is prone to multiple SQL injection (SQLi) vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AToZed Software Intraweb Component for Borland Delphi and Kylix DoS vulnerability
Type: Denial of Service Severity: Critical Title: AToZed Software IntraWeb Component for Borland Delphi and Kylix DoS vulnerability Date: January 23, 2007 Synopsis -------- A DoS vulnerability exists in the IntraWeb Component of AToZed Software. Background --------- IntraWeb is a RAD component fo...
Advanced Guestbook 2.2 ( SQL Injection Exploit )
Guestbook 2.2 web application (PHP, MySQL) appears vulnerable to SQL injection, granting the attacker administrator access. Target : http://www.example.com/GuestbookTarget/admin.php Username: ' or 1=1 / Password: NothingBlank It's working on Advanced Guestbook 2.2; version 2.3.1 will fix this...