sphpblog-exec.txt

3 curlsetopt $ch, CURLOPTCOOKIE, "$cook"; $res = curlexec $ch;$err=curlerror $ch ;if $err print "$err"; curlclose$ch; return $res; function error$msg print "$msg\nNot Exploitable";exit; extract$POST;extract$GET; print "URL:"; if strlen$eval3 $eval=stripslashes$eval; print "\nEnter PHP...

Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution

3 curlsetopt $ch, CURLOPTCOOKIE, "$cook"; $res = curlexec $ch;$err=curlerror $ch ;if $err print "$err"; curlclose$ch; return $res; function error$msg print "$msg\nNot Exploitable";exit; extract$POST;extract$GET; print "URL:"; if strlen$eval3 $eval=stripslashes$eval; print "\nEnter PHP...

Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution

Simple PHP Blog SPHPBlog 0.5.1 - Code Execution 3 curlsetopt $ch, CURLOPTCOOKIE, "$cook"; $res = curlexec $ch;$err=curlerror $ch ;if $err print "$err"; curlclose$ch; return $res; function error$msg print "$msg\nNot Exploitable";exit; extract$POST;extract$GET; print "URL:"; if strlen$eval3...

blogblaster-sql.txt

|| | | Blog Blaster id Remote SQL Injection Vulnerability | | |---------------------Hussin X----------------------| | | Author: Hussin X | | Home : www.tryag.cc/cc | | email: darkangelg85atYahooDoTcom | | | | | | | script :http://www.yourfreeworld.com/script/blogblaster.php | | DorK :...

CVE-2008-3564

Multiple directory traversal vulnerabilities in index.php in Dayfox Blog 4 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the 1 p, 2 cat, and 3 archive parameters. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC...

CVE-2008-3564

The CVE-2008-3564 entry concerns multiple directory traversal flaws in Dayfox Blog 4’s index.php. The vulnerability allows remote attackers to include and execute arbitrary local files by manipulating the dot-dot sequences in the (1) p, (2) cat, and (3) archive parameters. In some environments th...

Bo-blog跨站漏洞

看下ubb.php的代码： br / br / $regubbsearch = arraybr / .......br / "/\color=^\+?.+?\/color/i",br / "/\font=^\+?.+?\/font/i",br / ....... br / ;br / $regubbreplace = arraybr / ....... br / "span style="color: \2\1;"\2/span",br / "span style="font-family: \2\1;"\2/span",br / ....... br /...

Bo-blog文件包含漏洞

Bo-blog程序在程序逻辑方面没有处理存在本地文件包含漏洞，在Php5.0可能导致敏感信息泄露以及Php代码执行，在Php5.0直接导致远程代码执行。 Bo-Blog 2.0.1 SP1 http://bo-blog.com/ 临时解决方案 修改Php设置registerglobals = Off，可以暂时避免受此漏洞影响。...

Magnet Blog Sql Injection Vulnerability

Title:Magnet Blog Sql Injection Vulnerability Discovered by : AleminKrali Dork: "intitle:Magnet Blog" Download:www.aspindir.com/Goster/4217 Exploit:Http://www.site.com/scriptpath/yazidetay.asp?id=-999 union select 0,user,2,pass,4,5 from user Example:...

Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities

No description provided by source. ..:::::Dayfox Blog LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all iranian hackerz...

dayfox-lfi.txt

..:::::Dayfox Blog LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...

Dayfox Blog 4 - Multiple Local File Inclusions

..:::::Dayfox Blog LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the...

Dayfox Blog 4 - Multiple Local File Inclusions

Dayfox Blog 4 - Multiple Local File Inclusions ..:::::Dayfox Blog LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all...

Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== Dayfox Blog 4 Multiple Local File Inclusion Vulnerabilities =========================================================== -------- Discoverd By :Virangar Security Team hadihadi...

Alibaba network operators blog can insert malicious code-vulnerability warning-the black bar safety net

The author of the article: the attacker Sources of information: the security cordon www.hackeroo.com Article note: have to mA E-MAIL In the Alibaba net business blog allows us the filling of the Ali Mama advertising, but he did not filter out in addition to Ali's mom other than the address,so you...

CVE-2008-3388

Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to 1 comaddok.php and 2 comlook.php...

Sql injection

Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to 1 comaddok.php and 2 comlook.php...

CVE-2008-3388

CVE-2008-3388 affects Def-Blog 1.0.3, with documented SQL injection vulnerabilities that allow remote attackers to execute arbitrary SQL commands via the article parameter to two scripts: comaddok.php and comlook.php . The available sources confirm the vulnerable component and entry points but do...

CVE-2008-3388

Multiple SQL injection vulnerabilities in Def-Blog 1.0.3 allow remote attackers to execute arbitrary SQL commands via the article parameter to 1 comaddok.php and 2 comlook.php...

HIOX Random Ad 1.3 - Remote File Inclusion

HIOX Random Ad 1.3 - Remote File Inclusion HIOX Random Ad 1.3 hioxRandomAd.php hm RFI Vulnerability Ghost Hacker , R-h Team , Real Hack We Will Be Back Soon : Found by : Ghost Hacker - R-H Team - |, .-. .-. ,| My Blog : http://gh0st10.wordpress.com | o/ \o | My Email : [email protected] |/ /...