Traidnt Gallery - Arbitrary Add Admin

Traidnt Gallery - Arbitrary Add Admin || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ team wlhaan hacker | | // | | |...

Traidnt Gallery add Admin Exploit

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

webLeague 2.2.0 - install.php Remote Change Password

webLeague 2.2.0 - install.php Remote Change Password TiGeR-Dz WebLeague 2.2.0 install.phpRemote Change Password By: TiGeR-Dz POC :http://www.victim.com/path/install.php Put Name and password : Dork:"powered by: WebLeague" TiGeR-Dz milw0rm.com 2009-07-16...

webLeague 2.2.0 - 'install.php' Remote Change Password

TiGeR-Dz WebLeague 2.2.0 install.phpRemote Change Password By: TiGeR-Dz POC :http://www.victim.com/path/install.php Put Name and password : Dork:"powered by: WebLeague" TiGeR-Dz milw0rm.com 2009-07-16...

webLeague 2.2.0 (install.php) Remote Change Password Exploit

Exploit for unknown platform in category web applications ============================================================ webLeague 2.2.0 install.php Remote Change Password Exploit ============================================================ WebLeague 2.2.0 install.phpRemote Change Password By:...

PHP-Agenda <= 2.2.5 Remote File Overwriting Vulnerabilities

No description provided by source. Salvatore "drosophila" Fresta + Application: PHP-agenda + Version: = 2.2.5 + Website: http://php-agenda.sourceforge.net + Bugs: A Remote File Overwriting + Exploitation: Remote + Date: 10 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvator...

PHP-Agenda 2.2.5 - Remote File Overwriting

PHP-Agenda 2.2.5 - Remote File Overwriting Salvatore "drosophila" Fresta + Application: PHP-agenda + Version: PHP-agenda To execute commands: http://www.site.com/path/config.inc.php?cmd=uname -a + Fix You must delete install.php after installation. milw0rm.com 2009-04-10...

PHP-Agenda 2.2.5 File Overwrite

Salvatore "drosophila" Fresta + Application: PHP-agenda + Version: PHP-agenda To execute commands: http://www.site.com/path/config.inc.php?cmd=uname -a + Fix You must delete install.php after installation...

CVE-2008-2219

Cross-site scripting XSS vulnerability in install.php in C-News.fr C-News 1.0.1 allows remote attackers to inject arbitrary web script or HTML via the etape parameter...

C-News 1.0.1 - install.php Cross-Site Scripting

C-News 1.0.1 - install.php Cross-Site Scripting source: https://www.securityfocus.com/bid/28989/info C-News is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the brows...

Directory traversal

Multiple directory traversal vulnerabilities in CoronaMatrix phpAddressBook 2.11 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the skin parameter to 1 index.php and 2 install.php. NOTE: it was later reported that vector 1 is also present in 2.0...

CVE-2008-0489

CVE-2008-0489 describes a directory traversal in install.php of Clansphere 2007.4.4. The vulnerability allows remote attackers to include and execute arbitrary local files by supplying a .. in the lang parameter. Affected component: install.php; vulnerable function/file path handling leads to loc...

ClanSphere 2007.4.4 Remote File Disclosure Vulnerability.

-------------------------------------------------------------- ClanSphere 2007.4.4 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://sourceforge.net/projects/clansphere/ author : p4imi0 contact : [email protected] exploit :...

clansphere-disclose.txt

-------------------------------------------------------------- ClanSphere 2007.4.4 Remote File Disclosure Vulnerability. -------------------------------------------------------------- download : http://sourceforge.net/projects/clansphere/ author : p4imi0 contact : [email protected] exploit :...

Cross site scripting

Cross-site scripting XSS vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete...

CVE-2008-0123

CVE-2008-0123 is an XSS vulnerability in Moodle 1.8.3 (and possibly earlier than 1.8.4) where the dbname parameter during installation can be exploited to inject arbitrary scripts/HTML. Exploitation details are not provided in the sources; no explicit patch/version fix is detailed. Fedora/OpenVAS...

CVE-2007-5835

Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service overwritten files and possibly obtain administrative access...

CVE-2007-5835

Install.php in BosDev BosNews 4 and 5 does not require authentication for replacing an existing product installation or creating a new admin account, which allows remote attackers to cause a denial of service overwritten files and possibly obtain administrative access...

CVE-2007-5835

CVE-2007-5835 affects BosDev BosNews 4 and 5, where Install.php does not require authentication for replacing an existing installation or creating a new admin account. The described impact is denial of service via overwritten files and the possibility of obtaining administrative access. No explic...

Design/Logic Flaw

install.php in Drupal 5.x before 5.3, when the configured database server is not reachable, allows remote attackers to execute arbitrary code via vectors that cause settings.php to be modified...