This exploit is used to cause a denial of service attack on VBulletin. It tested on V3.6.3 and requires Image Verification in (search.php) to be disabled. The exploit is a Perl Script which uses Socket to send a POST request to the host and directory specified in the arguments.
A vulnerability exists in vBulletin ads_saed 1.5 (bnnr.php) which allows an attacker to inject malicious SQL queries into the application. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.
This is a 0day DOS issue for Drupal Core that use cache stressing with random parameter on multiple requests.
WPd0s.sh is a 0day DOS issue for Wordpress Core that use cache stressing with random parameter on multiple requests.
SQL Injection in view.php,variable username. Anyway, all sites i saw which are powered by this script are hosted on Apache,and have a mod_rewrite enabled,so you need to try this: http://inthewild/view/admi'n.html You need to add .html at the end.
The vulnerability exists due to the application fails to properly sanitize user-supplied input passed via the 'dizin' parameter in the 'http://server/[dizin]/database/db.mdb' URL. A remote attacker can exploit this vulnerability to disclose the application's database.
The vulnerability allows an attacker to download any file from the system by exploiting a lack of filtering of malicious characters in the com_rd_download component of Joomla.
Wing FTP server web based administration panel provides option to view logs. An attacker can exploit this vulnerability by sending a malicious string to the server, which will create a new administrator with the username and password specified in the string.
This is a 0day DOS issue for joomla Core that use cache stressing with random parameter on multiple requests.
A vulnerability exists in the Joomla Component com_airmonoblock, which allows an attacker to inject malicious SQL queries and gain access to admin login credentials. This is done by sending a specially crafted HTTP request to the vulnerable server, containing malicious SQL code in the 'id' parameter. The malicious code is then executed by the server, allowing the attacker to gain access to the admin login credentials.
Services By CQR