Lucene search
+L

142 matches found

0day.today
0day.today
added 2009/01/12 12:0 a.m.48 views

Simple Machines Forum - Destroyer 0.1

Exploit for unknown platform in category web applications ===================================== Simple Machines Forum - Destroyer 0.1 ===================================== !/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2009/01/12 12:0 a.m.48 views

Simple Machines Forum (SMF) 1.0.13/1.1.5 - 'Destroyer 0.1' Password Reset Security Bypass

!/usr/bin/perl use LWP::UserAgent; use Getopt::Std; use LWP::Simple; use HTTP::Request; Author: Xianur0 Uxmal666atgmail.com Cracks links Password Recovery Find Temporary Files executed by mods DB function Flood by Error Log File Path Disclosure List installed Mods Useful To Find Mods Vulnerable...

7.4AI score
Exploits0
CVE
CVE
added 2008/08/10 8:0 p.m.47 views

CVE-2008-3562

CVE-2008-3562 describes a directory traversal vulnerability in the Contact module of Chupix CMS 0.1.0 . When magic_quotes_gpc is disabled, remote attackers can cause arbitrary local file inclusion/execution by using a ".." path traversal via the mods parameter in index.php. The vulnerability’s im...

5.1CVSS6.9AI score0.0192EPSS
Exploits1References4Affected Software2
CVE
CVE
added 2007/09/24 10:0 p.m.39 views

CVE-2007-5061

CVE-2007-5061 is a SQL injection in Clansphere 2007.4, specifically for the file mods/banners/navlist.php where the attacker can influence the cat_id parameter passed to index.php in a banners action. The underlying issue is an input-validated vulnerability that enables remote attackers to execut...

7.5CVSS8.3AI score0.01169EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2007/09/23 12:0 a.m.24 views

Clansphere 2007.4 (cat_id) Remote SQL Injection Vulnerability

No description provided by source. Inclusion Hunter Team http://www.ihteam.net Clansphere 2007.4 Class: SQL Injection Found: 22/09/2007 Remote: Yes Site: http://www.clansphere.net/ Download: http://sourceforge.net/project/showfiles.php?groupid=95430 Author: R00TATI of IHTeam Contact:...

7.1AI score
Exploits0
CVE
CVE
added 2007/04/30 10:0 p.m.40 views

CVE-2007-2357

The CVE-2007-2357 entry describes a cross-site scripting (XSS) vulnerability in SineCMS 2.3.4, specifically in mods/Core/result.php, exploitable via the stringa parameter. Connected records (e.g., CVE-2007-6367) corroborate XSS in SineCMS 2.3.4 and earlier, via the guestbook fields, but the prima...

6.8CVSS5.6AI score0.02119EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2007/04/19 12:0 a.m.55 views

StoreFront for Gallery (GALLERY_BASEDIR) Remote File Inclusion Vulnerabilities

StoreFront for Gallery GALLERYBASEDIR Remote File Inclusion Vulnerabilities D.Script: http://www.dalton.net/ppstorefront/ppstorefront.zip Discovered by: Alkomandoz Hacker Homepage: http://Www.asb-may.net Exploit: mods/businessfunctions.php?GALLERYBASEDIR=Shell...

0.9AI score
Exploits0
Prion
Prion
added 2007/04/18 3:19 a.m.14 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in the StoreFront mods for Gallery allow remote attackers to execute arbitrary PHP code via a URL in the GALLERYBASEDIR parameter to 1 mods/businessfunctions.php or 2 mods/uifunctions.php...

6.8CVSS8.2AI score0.03237EPSS
Exploits0References7
CVE
CVE
added 2007/04/18 2:20 a.m.47 views

CVE-2007-2068

CVE-2007-2068 describes multiple PHP remote file inclusion vulnerabilities in the StoreFront mods for Gallery. An attacker can supply a URL in the GALLERY_BASEDIR parameter to either mods/business_functions.php or mods/ui_functions.php, enabling remote code execution on the affected system. The d...

6.8CVSS7.7AI score0.03237EPSS
Exploits0References7Affected Software1
0day.today
0day.today
added 2007/04/16 12:0 a.m.25 views

StoreFront for Gallery (GALLERY_BASEDIR) RFI Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ StoreFront for Gallery GALLERYBASEDIR RFI Vulnerabilities ============================================================ StoreFront for Gallery GALLERYBASEDIR Remote File Inclusion...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/03/15 12:0 a.m.27 views

WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability

No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV74$2007 ------------------------------------------------------------------------------------- ECHOADV74$2007 WebCreator = 0.2.6-rc3 moddir Remote File Inclusion Vulnerability...

7.1AI score
Exploits0
0day.today
0day.today
added 2007/03/13 12:0 a.m.24 views

WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ==================================================================== WebCreator = 0.2.6-rc3 moddir Remote File Inclusion Vulnerability ==================================================================== \ /\ \ / | \ \ | / \ // / | \ | \...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/02/24 12:0 a.m.48 views

phpBB Module NoMoKeTos Rules 0.0.1 - Remote File Inclusion

!/usr/bin/perl phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit Coded by bd0rk || SOH-Crew Usage: exploit.pl target cmd shell shell variable Greetings: str0ke, TheJT, Kacper, Lu7k, Maik Vulnerable Code: includeonce$phpbbrootpath . 'includes/functionsadmin.'.$phpEx; vendor:...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/02/24 12:0 a.m.31 views

phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit

Exploit for unknown platform in category web applications ============================================================== phpBB Module NoMoKeTos Rules 0.0.1 Remote File Include Exploit ============================================================== !/usr/bin/perl phpBB Module NoMoKeTos Rules 0.0.1...

7.1AI score
Exploits0
CVE
CVE
added 2006/10/18 7:0 p.m.38 views

CVE-2006-5387

The CVE-2006-5387 entry describes a PHP remote file inclusion flaw in the PlusXL 20_272 and earlier phpBB module, specifically in mods/iai/includes/constants.php, allowing an attacker to execute arbitrary PHP code by supplying a URL to the phpbb_root_path parameter. The vulnerability relies on a ...

7.5CVSS8AI score0.03282EPSS
Exploits1References7Affected Software1
myhack58
myhack58
added 2006/10/05 12:0 a.m.26 views

CTB arbitrary file include vulnerability-vulnerability warning-the black bar safety net

Introduction CTBChina Text Bulletinthe Forum is a free domestic text Forum. Since the code is relatively Mature and the text of the Forum of the convenient features used in the country more widely. Previously had a rough turn of the change the forum code found aXSSvulnerabilities, due to school...

8AI score
Exploits0
CVE
CVE
added 2006/03/28 8:0 p.m.44 views

CVE-2006-1427

CVE-2006-1427 involves multiple cross-site scripting (XSS) vulnerabilities in WebAPP 0.9.9.3.2 and earlier. The affected component is the web application’s CGI interfaces, specifically cgi-bin/index.cgi (parameters: action, id, num, board, cat, real, viewcat, img, curcatname) and /mods/calendar/i...

4.3CVSS5.8AI score0.02474EPSS
Exploits0References9Affected Software1
exploitpack
exploitpack
added 2005/09/16 12:0 a.m.12 views

Stoney FTPd - rxBot mods ftpd Denial of Service

Stoney FTPd - rxBot mods ftpd Denial of Service / untested /str0ke / / rx-dos.c by D-oNe There exists a buffer overflow in Stoneys FTPd that most rxBot mod's use. The problem lies in how the code parses the PORT command and gives an opportunity for a buffer overflow. Problem is that the ftpd also...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2005/09/16 12:0 a.m.38 views

Stoney FTPd - &#039;rxBot mods ftpd&#039; Denial of Service

/ untested /str0ke / / rx-dos.c by D-oNe There exists a buffer overflow in Stoneys FTPd that most rxBot mod's use. The problem lies in how the code parses the PORT command and gives an opportunity for a buffer overflow. Problem is that the ftpd also uses select to handle multiple connections. So...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/09/09 12:0 a.m.150 views

DC++ and its mods remote DoS in bzip2 decompression routine

DC++ and its mods remote DoS in bzip2 decompression routine Critical Security research: http://www.critical.lt Original advisory may be found: http://www.critical.lt/?vulnerabilities/22 PoC file may be found here: http://www.critical.lt/research/dc.zip Vulnerable product: DC++ and its mods all...

7.1AI score
Exploits0
Rows per page
Query Builder