Waraxe IT Security Portal
Login or Register
July 19, 2025
Menu
Home
Logout
Discussions
Forums
Members List
IRC chat
Tools
Base64 coder
MD5 hash
CRC32 checksum
ROT13 coder
SHA-1 hash
URL-decoder
Sql Char Encoder
Affiliates
y3dips ITsec
Md5 Cracker
User Manuals
AlbumNow
Content
Content
Sections
FAQ
Top
Info
Feedback
Recommend Us
Search
Journal
Your Account
User Info
Welcome, Anonymous
Nickname
Password
(Register)

Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144

People Online:
Visitors: 96
Members: 0
Total: 96
Full disclosure
Missing Critical Security Headers in OpenBlow
SAP NetWeaver S/4HANA - ABAP Code Execution via InternalFunction
Tiki Wiki CMS Groupware <= 28.3 Two Server-Side TemplateInjection Vulnerabilities
KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery
KL-001-2025-010: Schneider Electric EcoStruxure IT Data Center Expert Privilege Escalation
KL-001-2025-009: Schneider Electric EcoStruxure IT Data Center Expert Remote Command Execution
KL-001-2025-008: Schneider Electric EcoStruxure IT Data Center Expert Root Password Discovery
KL-001-2025-007: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Remote Code Execution
KL-001-2025-006: Schneider Electric EcoStruxure IT Data Center Expert XML External Entities Injection
eSIM security research (GSMA eUICC compromise and certificatetheft)
Directory Traversal "Site Title" - bluditv3.16.2
XSS via SVG File Uploa - bluditv3.16.2
Stored XSS "Add New Content" Functionality - bluditv3.16.2
Session Fixation - bluditv3.16.2
iOS Activation Flaw Enables Pre-User Device Compromise andIdentity Exposure (iOS 18.5)
Log in Register Forum FAQ Memberlist Search
IT Security and Insecurity Portal

www.waraxe.us Forum Index
Search found 7 matches
[QUE]SQL Injection queries
PostForum:Sql injection Posted: Sat Feb 25, 2006 5:16 am Subject: [QUE]SQL Injection queries
Pi3cH
Replies: 0
Views: 7430




hi there

i have some question about below queries, could some one explain(analyze) them for me?

these queries use for blind sql injection.
1. AND (SELECT COUNT(name) FROM sysobjects ...
Injectable?
PostForum:Sql injection Posted: Tue Jan 17, 2006 2:24 pm Subject: Injectable?
Pi3cH
Replies: 3
Views: 10083




oh! i dont see the left part of =,

could you give live example?
Injectable?
PostForum:Sql injection Posted: Sat Jan 14, 2006 1:53 pm Subject: Injectable?
Pi3cH
Replies: 3
Views: 10083




could give me live example?

the $curpage limited at this line of code:
$curpage = ceil(($current) / 50);
Possible bug in phpnuke.org (PHP-Nuke 7.9)
PostForum:PhpNuke Posted: Tue Dec 27, 2005 3:45 pm Subject: Possible bug in phpnuke.org (PHP-Nuke 7.9)
Pi3cH
Replies: 3
Views: 13941




oh! advisory reportet by you Smile!

yes htmlspecialchars good solution.

is there any bug for this function of php? (nowdays many webapplications use it)
Possible bug in phpnuke.org (PHP-Nuke 7.9)
PostForum:PhpNuke Posted: Tue Dec 27, 2005 9:15 am Subject: cool!
Pi3cH
Replies: 3
Views: 13941




use:
<IMG SRC="jav&#x09;ascript:alert('XSS');"

i think the preg_match only search for < ends with > if we use tags with out > all of them works properly:

& ...
The Cross-site Scripting Virus / Cross-Site Scripting Worm
PostForum:Cross-site scripting aka XSS Posted: Sat Dec 24, 2005 3:22 pm Subject: The Cross-site Scripting Virus / Cross-Site Scripting Worm
Pi3cH
Replies: 2
Views: 10310




xss virus! cool Smile

it's act like others viruses with many limitation and also many future (platform independent, depend on 2 side)

thanks LINUX
Xss types, HTML Injection , script injection
PostForum:Cross-site scripting aka XSS Posted: Tue Dec 20, 2005 3:02 pm Subject: Xss types, HTML Injection , script injection
Pi3cH
Replies: 0
Views: 8675




hi there

i think u hear about HTML Injection or Script inection attacks, but they are type of XSS attack. you think so?

for example if something injected into HTML source code they (securityfocu ...
Page 1 of 1
All times are GMT


Powered by phpBB © 2001-2008 phpBB Group



PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.038 Seconds