Tags archives: search

 

 

 

 


VX Search Enterprise GET Buffer Overflow

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86. Source: VX Search Enterprise GET Buffer […]

The post VX Search Enterprise GET Buffer Overflow appeared first on MondoUnix.

 


Gogs Repository Search SQL Injection

Unauthenticated SQL Injection in Gogs repository search
=======================================================
Researcher: Timo Schmid <tschmid@ernw.de>

Description
===========
Gogs(Go Git Service) is a painless self-hosted Git Service written in Go. (taken from [1])

It is very similar to the github hosting platform. Multiple users can create multiple repositories and share code with others with the git [...]

 


OK Google quietly arrives in Italy too, after months

 


Drupal 7.26 Custom Search 7.x-1.13 Cross Site Scripting

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Vulnerability Report

Author: Justin C. Klein Keane <justin@madirish.net>
Reported: 19 Feb, 2014

Description of Vulnerability:
- -----------------------------
Drupal (http://drupal.org) is a robust content management system (CMS) written in PHP and MySQL. The Custom Search module "alters the default search box in many ways. If [...]

 


Joomla AceSearch 3.0 Cross Site Scripting

#Title : Joomla Component AceSearch Cross Site Scripting
#Author : DevilScreaM
#Date : 5 January 2014
#Category : Web Applications
#Product : http://www.joomace.net/joomla-extensions/acesearch/
#Version : 3.0
#Type : PHP
#Greetz : 0day-id.com | newbie-security.or.id | Borneo Security | Indonesian Security Indonesian Hacker | Indonesian Exploiter | Indonesian Cyber [...]

 


Marketing Development Script SQL Injection

# Exploit Title; Marketing Development Script SQL Injection Vulnerability
# Date; 3/12/12
# Author; 3spi0n
# Script Vendor or Software Link; http://www.marketingdev.com/
# Category; Webapps
# Type; SQL Injection [MySQLi]
# Tested on; Ubuntu 12.10 / Win7 / Backtrack 5

[#] Demo Analyzing ;

http://SITE/gazzettino_articolo.php?id=90' [MySQLi Vuln.]

[#] Vulnerable Details ;

[...]

 


SmartCMS SQL Injection

=============================================================================================================

[o] SmartCMS <= SQL Injection Vulnerability

Software : SmartMS
Vendor : http://smartcms.nl/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/

=============================================================================================================

[o] Exploit

http://localhost/[path]/index.php?idx=[SQLi]

[o] PoC

http://localhost/[path]/index.php?idx=123+AND+1=2+UNION+ALL+SELECT+version()--

=============================================================================================================

[o] Greetz

Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory aJe kaka11 matthews wishnusakti [...]