PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit

No description provided by source. ?php ---PHPKIT161r2inclxpl.php 4.27 16/02/2006 PHPKIT = 1.6.1R2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works with allowurlfopen = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: All men ca...

Moodle <= 1.6dev SQL Injection / Command Execution Exploit

No description provided by source. ?php moodle16devxpl.php 4.19 10/11/2005 Moodle = 1.6dev get record SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if you have troubl...

phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHPWebSite = 0.10.2 remote cmmnds xctn\r\n; echo - arbitrary local inclusion, works with magicquotesgpc = Off\r\n; echo by rgod, mail: [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; if $argc4...

X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo X7 Chat =2.0 \helpfile\ arbitrary local inclusion\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo - works regardless of magicquotesgpc settings\r\n; echo if avatar uploads a...

PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...

eFiction <= 2.0 Fake GIF Shell Upload Exploit

No description provided by source. ?php ---efiction20xpl.php 15.19 17/11/2005 eFiction = 2.0 fake GIF Shell Upload coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: If fighting is sure to result in victory, then you must fight,...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

PHP-Stats <= 0.1.9.1 - Remote Commands Execution Exploit

No description provided by source. ?php ---phpstats0191xpl.php 04/03/2006 4.53.41 PHP-Stats = 0.1.9.1 optionadminpass overwrite / / remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works regardless of magicquotesgpc settings... usage: launch from Apache, fill...

PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit

No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 msg and forum SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but here w...

phpBB <= 2.0.10 Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; @@@@@@@ @@@ @@@ @@@@@@ @@@ @@@ @@! @@@ @@! @@@ !@@ @@! @@@ @!@!!@! @!@ !@! !@@!! @!@!@!@! !!: :!! !!: !!! !:! !!: !!! : : : :.:: : ::.: : : : : phpBB = 2.0.10 remote commands exec exploit based on...

Most Sophisticated Android malware ever detected

A new piece of sophisticated Android malware has been discovered by security researchers at Kaspersky Labs. Dubbed as Backdoor.AndroidOS.Obad.a, it is the most sophisticated piece of Android malware ever seen. It exploits multiple vulnerabilities, blocks uninstall attempts, attempts to gain root...

Most Sophisticated Android malware ever detected

A new piece of sophisticated Android malware has been discovered by security researchers at Kaspersky Labs. Dubbed as Backdoor.AndroidOS.Obad.a, it is the most sophisticated piece of Android malware ever seen. It exploits multiple vulnerabilities, blocks uninstall attempts, attempts to gain root...

SAP SOAP RFC SXPG_COMMAND_EXECUTE Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This module is based on, inspired by, or is a port of a...

SAP SOAP RFC SXPG_CALL_SYSTEM Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ This module is based on, inspired by, or is a port of a...

Microsoft Carries out Nitol Botnet Takedown

A botnet known as Nitol, built on the backs of PCs and laptops loaded with malware somewhere in the supply chain, was taken down by Microsoft. Microsoft’s Digital Crimes Unit was given permission this week by the U.S. District Court for the Eastern District of Virginia to take over the 3322.org...

New iOS Bug Lets Apps Run Unsigned Code

There is a bug in Apple iOS that enables an attacker to run unsigned code on a user’s device, circumventing the company’s checks on apps in the iTunes App Store. The bug, which researcher Charlie Miller identified, can be exploited by an app to take actions on the device without the user’s...

CVE-2010-5026

SQL injection vulnerability in winners.php in Science Fair In A Box SFIAB 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-5000

SQL injection vulnerability in login/loginindex.php in MCLogin System 1.1 and 1.2 allows remote attackers to execute arbitrary SQL commands via the myusername parameter aka Username field in a dologin action. NOTE: some of these details are obtained from third party information...

Android malware - Works on remote commands form encrypted blog

Android malware - Works on remote commands form encrypted blog Researchers from Trend Micro have spotted a piece of malicious software for Android. This is the first known Android malware that reads blog posts and interprets these as commands. It can also download and install additional...

Android malware - Works on remote commands form encrypted blog

Android malware - Works on remote commands form encrypted blog Researchers from Trend Micro have spotted a piece of malicious software for Android. This is the first known Android malware that reads blog posts and interprets these as commands. It can also download and install additional...