Waraxe IT Security Portal
Login or Register
July 9, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 51
Members: 0
Total: 51
Full disclosure
eSIM security research (GSMA eUICC compromise and certificatetheft)
Directory Traversal "Site Title" - bluditv3.16.2
XSS via SVG File Uploa - bluditv3.16.2
Stored XSS "Add New Content" Functionality - bluditv3.16.2
Session Fixation - bluditv3.16.2
iOS Activation Flaw Enables Pre-User Device Compromise andIdentity Exposure (iOS 18.5)
Remote DoS in httpx 1.7.0 – Out-of-Bounds Read via Malformed <title> Tag
CVE-2025-32978 - Quest KACE SMA Unauthenticated LicenseReplacement
CVE-2025-32977 - Quest KACE Unauthenticated Backup Upload
CVE-2025-32976 - Quest KACE SMA 2FA Bypass
CVE-2025-32975 - Quest KACE SMA Authentication Bypass
RansomLord (NG v1.0) anti-ransomware exploit tool
Disclosure Yealink Cloud vulnerabilities
: "Glass Cage" – Zero-Click iMessage ? Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
SEC Consult SA-20250612-0 :: Reflected Cross-Site Scripting in ONLYOFFICE Docs (DocumentServer)
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 7 matches
[QUE]SQL Injection queries
PostForum:Sql injection Posted: Sat Feb 25, 2006 5:16 am Subject: [QUE]SQL Injection queries
Pi3cH
Replies: 0
Views: 7418




hi there

i have some question about below queries, could some one explain(analyze) them for me?

these queries use for blind sql injection.
1. AND (SELECT COUNT(name) FROM sysobjects ...
Injectable?
PostForum:Sql injection Posted: Tue Jan 17, 2006 2:24 pm Subject: Injectable?
Pi3cH
Replies: 3
Views: 10059




oh! i dont see the left part of =,

could you give live example?
Injectable?
PostForum:Sql injection Posted: Sat Jan 14, 2006 1:53 pm Subject: Injectable?
Pi3cH
Replies: 3
Views: 10059




could give me live example?

the $curpage limited at this line of code:
$curpage = ceil(($current) / 50);
Possible bug in phpnuke.org (PHP-Nuke 7.9)
PostForum:PhpNuke Posted: Tue Dec 27, 2005 3:45 pm Subject: Possible bug in phpnuke.org (PHP-Nuke 7.9)
Pi3cH
Replies: 3
Views: 13914




oh! advisory reportet by you Smile!

yes htmlspecialchars good solution.

is there any bug for this function of php? (nowdays many webapplications use it)
Possible bug in phpnuke.org (PHP-Nuke 7.9)
PostForum:PhpNuke Posted: Tue Dec 27, 2005 9:15 am Subject: cool!
Pi3cH
Replies: 3
Views: 13914




use:
<IMG SRC="jav&#x09;ascript:alert('XSS');"

i think the preg_match only search for < ends with > if we use tags with out > all of them works properly:

& ...
The Cross-site Scripting Virus / Cross-Site Scripting Worm
PostForum:Cross-site scripting aka XSS Posted: Sat Dec 24, 2005 3:22 pm Subject: The Cross-site Scripting Virus / Cross-Site Scripting Worm
Pi3cH
Replies: 2
Views: 10291




xss virus! cool Smile

it's act like others viruses with many limitation and also many future (platform independent, depend on 2 side)

thanks LINUX
Xss types, HTML Injection , script injection
PostForum:Cross-site scripting aka XSS Posted: Tue Dec 20, 2005 3:02 pm Subject: Xss types, HTML Injection , script injection
Pi3cH
Replies: 0
Views: 8661




hi there

i think u hear about HTML Injection or Script inection attacks, but they are type of XSS attack. you think so?

for example if something injected into HTML source code they (securityfocu ...
Page 1 of 1
All times are GMT


Powered by phpBB © 2001-2008 phpBB Group



PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.048 Seconds