341 matches found
CPGNuke Dragonfly 9.0.6.1 Remote Commands Execution Exploit
No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...
SPIP <= 1.8.2g Remote Commands Execution Exploit
No description provided by source. ?php ---spip182gshellinjxpl.php 17.33 08/02/2006 SPIP = 1.8.2g remote commands execution coded by rgod site: http://retrogod.altervista.org - this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:...
SPIP <= 1.8.2g Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ================================================ SPIP this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Fighting with a large army under your command is nowise differen...
LoudBlog <= 0.4 arbitrary remote inclusion
------------- LoudBlog = 0.4 arbitrary remote inclusion ----------- software: site: http://loudblog.de/ description: "Loudblog is a sleek and easy-to-use Content Management System CMS for publishing media content on the web. It automatically generates a skinnable website and an RSS-Feed for...
LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit
Exploit for unknown platform in category web applications ========================================================= LoudBlog LoudBlog 4.0 remote commands execution meta http-equiv="Content-Type" content="text/html;...
ashnews083.txt
Advisory 7 Title: AshWebStudio AshNews Multiple Vulnerabilities Author: 0ozeuso0 Contact: [email protected] Website: Security-mx.org Date: 01/02/2006 Risk: High Vendor Url: http://dev.ashwebstudio.com/?section=ashnews Affected Software: AshWebStudio AshNews Non Affected: We Are: olimpus klan...
phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ============================================================ phpDocumentor PhpDocumentor body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: cross...
phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit
No description provided by source. ?php ---phpdocu130rc4inclxpl.php 13.06 29/12/2005 PhpDocumentor = 1.3.0 rc4 remote commands execution coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Confront your soldiers with the deed...
PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit
Exploit for unknown platform in category web applications =========================================================== PHPGedView PhpGedView body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF...
Flatnuke 2.5.6 privilege escalation / remote commands execution exploit
?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogod at aliceposta it original advisor...
Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit
No description provided by source. ?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogo...
Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution
this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun Tzu: "The control of a large force is the same principle as the control of a few men: it is merely a question of dividing up their numbers." errorreporting0; iniset"maxexecutiontime",0;...
SimpleBBS <= 1.1 Remote Commands Execution Exploit (c code)
No description provided by source. / SimpleBBS = v1.1 remote commands execution in c coded by: unitedasia v.Dec.7.2005 greetz: iloveyouma http://geography.about.com/library/maps/blrasia.htm http://www.lib.utexas.edu/maps/middleeastandasia/asiapol00.jpg $ gcc -o bbs bbs.c Usage ./bbs host /folder/...
SimpleBBS <= 1.1 Remote Commands Execution Exploit
No description provided by source. ?php ---simplebbs11xpl.php 19.42 02/12/2005 SimpleBBS = v1.1 remote commands execution coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He wi...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
No description provided by source. ?php ---zencart126dxpl.php 19.42 02/12/2005 Zen-Cart = 1.2.6d blind SQL injection / remote commands execution coded by rgod site: http://rgod.altervista.org - this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then...
Zen Cart 1.2.6d - password_forgotten.php SQL Injection
Zen Cart 1.2.6d - passwordforgotten.php SQL Injection this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the mastery of the Empire, and thus, without losing a man, his triumph will be complete...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================= Zen Cart this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the...
Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection
this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the mastery of the Empire, and thus, without losing a man, his triumph will be complete. This is the method of attacking by stratagem."...
PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit
No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but he...
PHPWebThings 1.4 - msgforum SQL Injection
PHPWebThings 1.4 - msgforum SQL Injection ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/,...