what you don't know can hurt you
Showing 101 - 125 of 15,382 RSS Feed

SQL Injection Files

Persian VIP Download Script 1.0 SQL Injection
Posted Mar 10, 2020
Authored by S3FFR

Persian VIP Download Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a994e49a3ac90c485503fa75737fe6a2
60CycleCMS 2.5.2 SQL Injection
Posted Mar 9, 2020
Authored by Unkn0wn

60CycleCMS version 2.5.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c2949b82eed1016ff1e00cd651d36dc2
IRISgraphic 1.0 SQL Injection
Posted Mar 7, 2020
Authored by Milad Karimi

IRISgraphic version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e88ef6e9bb385b39e2c45f33070a36ad
Sentrifugo HRMS 3.2 SQL Injection
Posted Mar 6, 2020
Authored by minhnb

Sentrifugo HRMS version 3.2 suffers from a remote SQL injection vulnerability. This version of this software already had a remote SQL injection issue reported to Packet Storm in August of 2018. This is a variant.

tags | exploit, remote, sql injection
MD5 | 0d99d5aa9807980574353cac5658915c
SQLMAP - Automatic SQL Injection Tool 1.4.3
Posted Mar 5, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | 441532375d2cf56bdce09438da062dfd
Ubuntu Security Notice USN-4296-1
Posted Mar 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4296-1 - Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-9402
MD5 | 0e88fdf09d5ee84a51c897d800e2a9b4
XOO Digital 2.1.0 SQL Injection
Posted Mar 4, 2020
Authored by indoushka

XOO Digital version 2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9818040eb97253552e16699d8221e159
EyesOfNetwork AutoDiscovery Target Command Execution
Posted Mar 3, 2020
Authored by Brendan Coles, Clement Billac, Erik Wynter | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities in EyesOfNetwork version 5.3 and prior in order to execute arbitrary commands as root. This module takes advantage of a command injection vulnerability in the target parameter of the AutoDiscovery functionality within the EON web interface in order to write an Nmap NSE script containing the payload to disk. It then starts an Nmap scan to activate the payload. This results in privilege escalation because the apache user can execute Nmap as root. Valid credentials for a user with administrative privileges are required. However, this module can bypass authentication via two methods, i.e. by generating an API access token based on a hard-coded key, and via SQL injection. This module has been successfully tested on EyesOfNetwork 5.3 with API version 2.4.2.

tags | exploit, web, arbitrary, root, vulnerability, sql injection
advisories | CVE-2020-8654, CVE-2020-8655, CVE-2020-8656, CVE-2020-8657
MD5 | 3a699f2aa100664503fd2a6553c99d29
GUnet OpenEclass 1.7.3 SQL Injection
Posted Mar 3, 2020
Authored by emaragkos

GUnet OpenEclass version 1.7.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 18def0d7f68c9cdbae554622c23fb562
PhpIX 2012 Professional (Beta) SQL Injection
Posted Feb 26, 2020
Authored by indoushka

PhpIX 2012 Professional (Beta) suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7fbef1912efd9284d0eff62c2acdb7ed
Easy2Pilot 8 SQL Injection / Cross Site Request Forgery
Posted Feb 26, 2020
Authored by indoushka

Easy2Pilot version 8 suffers from remote SQL injection, backdoor account, and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 3dc823fa20db6c112729bef3639ba903
eLection 2.0 SQL Injection
Posted Feb 24, 2020
Authored by J3rryBl4nks

eLection version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 21c89432c2f325cebad6e5e970f163e3
ATutor 2.2.4 SQL Injection
Posted Feb 23, 2020
Authored by Andrey Stoykov

ATutor version 2.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 05e02fc9aa8bc3c72988cf433e38df02
AMSS++ 4.31 SQL Injection
Posted Feb 21, 2020
Authored by indoushka

AMSS++ version 4.31 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7a2f4c394576c72f47569db0d159cb4f
Debian Security Advisory 4629-1
Posted Feb 19, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4629-1 - Simon Charette discovered that Django, a high-level Python web development framework, did not properly handle input in its PostgreSQL module. A remote attacker could leverage this to perform SQL injection attacks.

tags | advisory, remote, web, sql injection, python
systems | linux, debian
advisories | CVE-2020-7471
MD5 | 7e07874d7a173247c4f6e41cb62f2cdc
SOPlanning 1.45 SQL Injection
Posted Feb 15, 2020
Authored by J3rryBl4nks

SOPlanning version 1.45 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | ec84825ba294188a751657c615e0f774
phpMyChat Plus 1.98 SQL Injection
Posted Feb 14, 2020
Authored by J3rryBl4nks

phpMyChat Plus version 1.98 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9213f3b689c839421d7a82a9fae9f8ba
SuiteCRM 7.11.10 SQL Injection
Posted Feb 13, 2020
Authored by EgiX | Site karmainsecurity.com

SuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2020-8804
MD5 | e563a245d3450a08dc89409be7d351e6
QuickDate 1.3.2 SQL Injection
Posted Feb 10, 2020
Authored by Ihsan Sencan

QuickDate version 1.3.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f2edf1bbfd6b35a274e7d0fc1835c365
PackWeb Formap E-learning 1.0 SQL Injection
Posted Feb 9, 2020
Authored by Amel Bouziane-Leblond

PackWeb Formap E-learning version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6c1dbdb44fb300528dd1ae9b45081486
EyesOfNetwork 5.3 Remote Code Execution
Posted Feb 8, 2020
Authored by Clement Billac

EyesOfNetwork version 5.3 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2020-8654, CVE-2020-8655, CVE-2020-8656
MD5 | bc3327dd510c720ed37f54d8f81edded
Cisco Data Center Network Manager 11.2.1 SQL Injection
Posted Feb 6, 2020
Authored by mr_me

Cisco Data Center Network Manager version 11.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | cisco
advisories | CVE-2019-15976, CVE-2019-15984
MD5 | e52727f67ec73f54a1870891d9e11891
Online Job Portal 1.0 SQL Injection
Posted Feb 6, 2020
Authored by Ihsan Sencan

Online Job Portal version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9838637c46339e8b9870a9befa3cc142
Ubuntu Security Notice USN-4264-1
Posted Feb 4, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4264-1 - Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2020-7471
MD5 | 354141f536e7d9a2fc6e49d90f564db9
SQLMAP - Automatic SQL Injection Tool 1.4.2
Posted Feb 3, 2020
Authored by Bernardo Damele | Site sqlmap.sourceforge.net

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

Changes: Multiple updates.
tags | tool, web, overflow, arbitrary, vulnerability, sql injection
systems | unix
MD5 | abd19f5b92dea0a58bfe8b75c5186526
Page 5 of 616
Back34567Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    12 Files
  • 4
    Jul 4th
    1 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    25 Files
  • 7
    Jul 7th
    35 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close