what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from DevilBox

kapda-18.txt

Posted Dec 31, 2005

Authored by DevilBox | Site KAPDA.ir

KAPDA Advisory #18 - Various WebWiz scripts suffer from SQL injection vulnerabilities due to a lack of input sanitization in check_user.asp. Details on exploitation provided.

tags | exploit, vulnerability, sql injection, asp

SHA-256 | 47d9f7e6f77dbf6c77a9d24bd85c5239b1dae742ef993af3a16cb86904a1d76e

Download | Favorite | View

Punbb-1.2.8.txt

Posted Oct 21, 2005

Authored by DevilBox | Site KAPDA.ir

"Search.php" in Punbb versions 1.2.8 and earlier does not properly validate user-supplied input. A remote user can create specially crafted parameter values that will execute SQL commands on the underlying database. POC included.

tags | advisory, remote, php

SHA-256 | ef14a68dd3dad542f61ee592dc81bdb6aebfcf8062ee30128e663c593850becf

Download | Favorite | View

aenovoSQL.txt

Posted Oct 8, 2005

Authored by DevilBox, Farhad Koosha | Site kapda.ir

Aenovo is susceptible to multiple SQL injection and cross site scripting vulnerabilities. Details provided.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 43a29a44230d7d18568c832c99fa41dce36ae895792641634b5197bb81828619

Download | Favorite | View