Use the file header trick to get WebShell-vulnerability warning-the black bar safety net

Author: Mr. Sun & Sean Source: www.Cduhacker.Com Brother first timers,do not understand place,please Hai Han ! Administrator, boss,don't delete my posts ha...deleted before to consider your own safety haha. Purely a joke. Fee words not say more,start the chase ! Tomorrow to the exam,anyway,...

vBulletin <= 3.0.8 Accessible Database Backup Searcher (update 3)

Exploit for unknown platform in category web applications ================================================================= vBulletin include include include include include include define SERVERPORT 80 char getdateint b static char datestring40; timet ttt; int minustime; minustime=86400 b;...

vBulletin 3.0.8 - Accessible Database Backup Searcher (3)

/ Needed to pentest a few vBulletin forums so I wrote this junk real quick. Reference: http://securitytracker.com/alerts/2005/Aug/1014805.html Good paths: /forum/ / /forum/archive/ /forum/cpadmin/ Update 1: Code error fixes. /str0ke [email protected] Update 2: Fixed datestring-version for...

quickForum.txt

Quick.Forum 'topic field' XSS and 'page' & 'iCategory' SQL injection vendor url:http://qc.dotgeek.org/os/index.php?p=productsQuickForum advisore:http://lostmon.blogspot.com/2005/05/quickforum-topic-field-xss-and-page.html vendor notify: yes exploit available: yes Quick.Forum contais a flaw which...

fusionDB.pl.txt

!/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in v6.00.105 and below Description: When a ...

PHP-Fusion &lt;= 6.00.105 Accessible Database Backups Download Exploit

No description provided by source. !/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in...

PHP-Fusion 6.00.105 - Accessible Database Backups Download

!/usr/bin/perl D A R K A S S A S S I N S C R E W 2 0 0 5 Dark Assassins - http://dark-assassins.com/ Visit us on IRC @ irc.tddirc.net DarkAssassins phpfusiondb.pl; Version 0.1 22/06/05 PHP-Fusion db backup proof-of-concept by Easyex Database backup vuln in v6.00.105 and below Description: When a ...

CVE-2005-2013

The CVE-2005-2013 entry concerns paFAQ 1.0 Beta 4, a PHP/MySQL web application. The described vulnerability allows remote attackers to access admin/backup.php directly, which contains a backup of the database including usernames and passwords. This exposure could reveal administrator credentials ...

CVE-2005-1944

xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp...

CVE-2005-1944

xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp...

PHP-Fusion Database Backup Disclosure

A vulnerability exists in the remote version of PHP-Fusion that may allow an attacker to obtain a dump of the remote database. PHP-Fusion has the ability to create database backups and store them on the web server, in the directory '/fusionadmin/dbbackups/'. Since there is no access control on th...

PHP-Fusion Database Backup Information Disclosure

Binary data 2128.prm...

PHP-Fusion Database Backup - Information Disclosure

PHP-Fusion Database Backup - Information Disclosure source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from th...

PHP-Fusion Database Backup - Information Disclosure

source: https://www.securityfocus.com/bid/10974/info It is reported that PHP-Fusion is susceptible to a database backup information disclosure vulnerability. An anonymous remote attacker may be able to download a complete database backup from the server. Authentication would not be required. A...