DM FileManager Remote File Inclusion

!/usr/bin/env python Title: DM FileManager securityfile Remote File Inclusion Exploit CVE: ????-???? Reference: http://secunia.com/advisories/35622/ Author: infodox Site: http://insecurety.net/ Twitter: @infodox Old news, just practicin' my python :3 import requests import sys vulnurl =...

QNAP Turbo NAS 3.7.3 File Disclosure

Exploit for hardware platform in category web applications Vulnerability: Multiple Path Injection Product: QNAP Turbo NAS Vendor: QNAP Version affected: = 3.7.3 build 20120801 Status: Unpatched Website: http://web.qnap.com/prodetailfeature.asp?pid=202 Discovered by: Andrea Fabrizi Email:...

WordPress SEM WYSIWYG Arbitrary File Upload

Exploit Title: Wordpress sem WYSIWYG Arbitrary File Upload Vulnerability Google Dork: inurl:wp-content/plugins/sem-wysiwyg/ Date: 08/22/2012 Author: Crim3R Tested on: all ================================== D3m0:...

WordPress Chenpress Shell Upload

Exploit Title : Wordpress chenpress Plugin Arbitrary File Upload Vulnerability Author : IrIsT.Ir Discovered By : Am!r Home : http://IrIsT.Ir/forum Software Link : http://wordpress.org Security Risk : High Version : All Version Tested on : GNU/Linux Ubuntu - Windows Server - win7 Dork :...

CVE-2012-3805

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the getAllPassedParams function in system/functions.php in Kajona before 3.4.2 allow remote attackers to inject arbitrary web script or HTML via the 1 absendername, 2 absenderemail, or 3 absendernachricht parameter to the content page; 4...

Umapresence Multiple Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

e107 Plugin - Filemanager Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

XOOPS Cube PROJECT FileManager - 'xupload.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/53945/info FileManager is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files to the...

XOOPS Cube PROJECT FileManager - xupload.php Arbitrary File Upload

XOOPS Cube PROJECT FileManager - xupload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/53945/info FileManager is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An...

XoopsCube Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

XoopsCube Module (FileManager) Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

CMS-AhMeBa Professional Shell Upload

Exploit Title: CMS-AhMeBa Profesional fckeditor Arbitrary File Upload Vendor: Macronia.cl Vulnerability: Arbitrary File Upload Date: May 19, 2012 Author: Shinee [email protected] @shinee Tested on: linux -Exploit http://site.cl/FCKeditor/editor/filemanager/connectors/uploadtest.html...

e-Rapido 3.3.2 SQL Injection

In The Name Of Allah ============================================================================== e-Rapido v3.3.2 SQL Injuction ============================================================================== » Title : e-Rapido v3.3.2 SQL Injuction » Author : HackStorm » Email : [email protected]...

miniCMS v1.0 => v2.0 Arbitrary File Upload

Exploit for php platform in category web applications Title : miniCMS v1.0 = v2.0 Arbitrary File Upload Author : Or4nG.M4n Version : all version GDork : "This site is managed using MiniCMSŠ" Download : http://sourceforge.net/projects/mini-cms/files/mini-cms/ Thnks :...

Fastmail 2 Shell Upload

. \ \ | | | / | \ | | / | \ \ / | |/ / / / \ | | \ |/ \ | | / /\ | \ | /\ / / / / / /// .ORG + Info================================================================= - Title : Fastmail V.2 Script Arbitrary File Upload Vulnerability - Author: Net.Edit0r - Home : Black-HG.Org h4ckcity.org -...

FCKEditor Core - FileManager test.html Arbitrary File Upload (2)

FCKEditor Core - FileManager test.html Arbitrary File Upload 2 In The Name Of GOD + Title:FCKeditor all version Arbitrary File Upload Vulnerability + Date: 2011 + script:http://sourceforge.net/projects/fckeditor/ + Author : pentesters.ir + Website : WwW.PenTesters.IR...

FCKEditor Core - 'FileManager test.html' Arbitrary File Upload (2)

In The Name Of GOD + Title:FCKeditor all version Arbitrary File Upload Vulnerability + Date: 2011 + script:http://sourceforge.net/projects/fckeditor/ + Author : pentesters.ir + Website : WwW.PenTesters.IR --------------------------------------------------------- 1.create a htaccess file: code:...

WordPress Wysi 0.0.2 Shell Upload

Exploit Title: WordPress Wysi Plugin Arbitrary File upload Vulnerability Date: June, 14th 2011 GMT +7 Author: Net.Edit0r Software Link: http://wordpress.org/extend/plugins/real-wysiwyg/ Version : 0.0.2 Tested on: ubuntu 11.04 CVE : -...

CMS Made Simple 1.9.4.1 Shell Upload

!/usr/bin/perl sub logo print STDERR Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail : submitat1337day.com 1 0 0 1 1 0 I'm KedAns-Dz member from Inj3ct0r Team 1 1 0...