Abtp Portal Project 0.1.0 LFI Exploit

No description provided by source. !/usr/bin/perl =about ---------------------------------------------------------------------------------------------------- Name : Abtp Portal Project = 1.0 Site : http://sourceforge.net/projects/abtpportal/ Down :...

Intruder Client 1.00 Remote Command Execution & DoS Exploit

No description provided by source. !/usr/bin/perl Intruder Command Execution DOS Exploit -------------------------------------- Infam0us Gr0up - Securiti Research ? Version: libwww-perl-5.76 + Connecting to 127.0.0.1.. + Connected + Backup for files..DONE + Build malicious pages..DONE + Open CDRo...

Php AdminPanel Free version 1.0.5 - Remote File Disclosure Vuln

No description provided by source. Php AdminPanel Free version 1.0.5 Remote File Disclosure AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina...

WordPress Switchblade Themes Arbitrary 1.3 - File Upload Vulnerability

No description provided by source. . . . \ \ | / \ \ \ | || / \ / / \ / |/ \ / | / \ / / /| | |/ \ \ \ // \ / / | \ /\ / | \ \ \ / \ //\ |\ | /\ // | /|\ / / / / / / / Exploit Title: WordPress Switchblade Themes Arbitrary File Upload Vulnerability Author: Byakuya Date: 11/01/2013...

Apple Safari file:// Arbitrary Code Execution

No description provided by source. $Id: safarifilepolicy.rb 13967 2011-10-17 03:49:49Z todb $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Pollen CMS 0.6 (index.php, p param) - Local File Disclosure

No description provided by source. Title: Pollen CMS = 0.6 - Local File Disclosure Google Dork: intext:Powered by Pollen CMS Date: 25 Mars 2013 Exploit Author: MizoZ Vendor Homepage: pollencms.com BROKEN Software Link: https://code.google.com/p/pollencms/ Version: 0.6 Tested on: Ubuntu Desktop...

Ipswitch WS_FTP Server 5.0.x CD Command Malformed File Path Remote Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11065/info WSFTP Server is reported prone to a remote denial of service vulnerability. This issue presents itself when the application processes a malformed file path through the 'cd' command. WSFTP Server version 5.0.2 i...

Max Guestbook 1.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: Maxs Guestbook Google Dork: Powered by PHP F1 Date: 14/03/2012 Author: n0tch aka andmuchmore Software Link: http://www.phpf1.com/download.html?dl=18 Version: 1.0 Tested on: Windows 7 / LinuxUbuntu +-- LFI --+...

Zanfi CMS lite 1.2 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. +Zanfi CMS lite / Jaw Portal free index.php page Multiple Local File Inclusion +Discovered by SirGod +MorTal TeaM +Greetz E.M.I.N.EM,Ras,Puscasmarin,ToxicBlood,HrN,Kemrayz,007m + Dork : Powered by: Zanfi Solutions + Local File Inclusion PoC :...

SOTEeSKLEP <= 3.5RC9 (file) Remote File Disclosure Vulnerability

No description provided by source. SOTEeSKLEP Remote File Disclosure Vulnerability Script : SOTEeSKLEP Versions: 3.1RC8, 3.5RC1, 3.5RC4, 3.5RC9, and i think other. Site : http://www.sote.pl Bug: ... if ! empty$REQUESTfile $file=$REQUEST'file';...

Ninja Blog 4.8 - Remote Information Disclosure Vulnerability

No description provided by source. Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/index.php?s=ad&id=6 ---- Due to insufficient validation of client-side data, we can alt...

Fully Modded phpBB <= 2021.4.40 Multiple File Include Vulnerabilities

No description provided by source. Fully Modded phpBB 2 Remote File Include PHPBB Exploit 2 Source Code: http://phpbbfm.net/support/indexfm.php http://kent.dl.sourceforge.net/sourceforge/phpbbfm/FM2021-4-40.tar.gz Vulnerable Code: include'includes/common.php'; $phpbbrootpath = $foingrootpath...

Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit

No description provided by source. --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ Gradman = 0.1.3 agregarinfo.php?tabla= Local File Inclusion Exploit +==--...

DouPHP轻量级企业建站系统后台任意文件删除缺陷

简要描述： 某处未验证删除的文件路径，导致可以删除任意文件。 官网演示站测试通过 详细说明： 漏洞文件: /admin/backup.php 第161行 / +---------------------------------------------------------- 备份删除 +---------------------------------------------------------- / if $REQUEST'rec' == 'del' $sqlfilename = $GET'sqlfilename'; if $POST'confirm' if...

Linux Kernel 3.13 - SGID Privilege Escalation

Linux Kernel 3.13 - SGID Privilege Escalation / CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include...

Linux Kernel 3.13 - SGID Privilege Escalation

/ CVE-2014-4014 Linux Kernel Local Privilege Escalation PoC Vitaly Nikolenko http://hashcrack.org Usage: ./poc filepath where filepath is the file on which you want to set the sgid bit / define GNUSOURCE include include include include include include include include include define STACKSIZE 1024...

PT-2014-3429 · Foreman · Foreman

Name of the Vulnerable Software and Affected Versions: Foreman versions prior to 1.4.5 Foreman versions 1.5.x prior to 1.5.1 Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the path parameter to the "tftp/fetch boot file" endpoint...

Files Desk Pro 1.4 iOS - Local File Inclusion

Document Title: =============== Files Desk Pro v1.4 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1266 Release Date: ============= 2014-05-16 Vulnerability Laboratory ID VL-ID: ====================================...

FineCMS v1.8任意文件下载

简要描述： 代码审计是个技术活，需要很好的耐心.. o︶︿︶o 详细说明： 出现问题的版本是FineCMS V1.8.0 最新版。 1.顺藤摸瓜 漏洞文件：controllers/ApiController.php downAction方法 public function downAction $data = fnauthcodebase64decode$this-get'file', 'DECODE'; $file = isset$data'finecms' && $data'finecms' ? $data'finecms' : ''; if empty$file...

Files Desk Pro v1.4 iOS - File Include Web Vulnerability

Document Title: =============== Files Desk Pro v1.4 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1266 Release Date: ============= 2014-05-15 Vulnerability Laboratory ID VL-ID: ====================================...