Flatnuke <= 2.5.8 file() Priv Escalation / Code Execution Exploit

Exploit for unknown platform in category web applications ================================================================= Flatnuke 126...

Flatnuke 2.5.8 - file() Privilege Escalation Code Execution

Flatnuke 2.5.8 - file Privilege Escalation Code Execution !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexo...

SendCard 3.4.0 - Unauthorized Administrative Access

SendCard 3.4.0 - Unauthorized Administrative Access !/usr/bin/php -q -d shortopentag=on php injection\n"; echo " works against magicquotesgpc=Off\n"; echo " 2 - arbitrary remote inclusion\n"; echo " works against allowurlfopen=On\n"; echo " 3 - arbitrary local inclusion\n"; echo " works regardles...

ToendaCMS 1.0.0 - &#039;FCKeditor&#039; Arbitrary File Upload

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

X7 Chat &lt;= 2.0 (help_file) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "X7 Chat =2.0 "helpfile" arbitrary local inclusion\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n"; echo "- works regardless of magicquotesgpc settings\r\n"; echo " if avatar...

phpWebSite &lt;= 0.10.2 (hub_dir) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "PHPWebSite = 0.10.2 remote cmmnds xctn\r\n"; echo "- arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; i...

PHP121 Instant Messenger 1.4 - Remote Code Execution

PHP121 Instant Messenger 1.4 - Remote Code Execution !/usr/bin/php -q -d shortopentag=on works with magicquotesgpc = Off\r\n\r\n"; echo "a dork: inurl:php121login.php | inurl:php121im.php | intitle:"PHP121 - PLEASE"\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path cmd OPTIONS\r\n"; echo...

Simplog &lt;= 0.9.2 (s) Remote Commands Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Simplog = 0.9.2 "s" remote cmmnds xctn\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by simplog"\r\n\r\n"; if $argc5 echo "Usage: php...

Simplog <= 0.9.2 (s) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ====================================================== Simplog \r\n"; die; / software site: http://www.simplog.or...

PT-2006-2670 · Md · Md-Pro

Name of the Vulnerable Software and Affected Versions: MD-Pro versions 1.0.72 through 1.0.73, and possibly other versions prior to 1.076 Description: The issue allows remote attackers to execute arbitrary SQL commands via the topicid parameter in a "display" action. This is due to improper handli...

phpMyChat <= 0.14.5 (SYS enter) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================= phpMyChat query"INSERT INTO ".CMSGTBL." VALUES $T, '$R', 'SYS exit', '', ".time.", '', 'sprintfLEXITROM, "".specialchar$U,$Latin1,1.""'"; $kicked = 3; ... have a look to "T"...

Claroline &lt;= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "Claroline = 1.7.4 "scormExport.inc.php" remote cmmnds xctn\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "- works with registerglobals = On & allowurlfopen =...

CuteNews 1.4.1 - function.php Local File Inclusion

CuteNews 1.4.1 - function.php Local File Inclusion CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. Happy Norouz PERSIAN new year celebration Greetz to all Iranian...

Gallery <= 2.0.3 stepOrder[] Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ============================================================== Gallery autisticiorg \r\n"; echo "site: http://retrogod.altervista.org \r\n\r\n"; echo "- works with registerglobals = On and magicquotesgpc = Off \r\n"; if $argc5 echo "Usage:...

PHP-Stats &lt;= 0.1.9.1 remote commands execution

------------- PHP-Stats = 0.1.9.1 remote commands execution ------------------- software: site: http://www.phpstats.net/ description: Open source statistical package for PHP enabled web sites -------------------------------------------------------------------------------- i vulnerable code in...

PHP-Stats &lt;= 0.1.9.1 Remote Commands Execution Exploit

No description provided by source. ?php ---phpstats0191xpl.php 04/03/2006 4.53.41 PHP-Stats = 0.1.9.1 optionadminpass overwrite / / remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works regardless of magicquotesgpc settings... usage: launch from Apache, fill...

PHP-Stats 0.1.9.1 - Remote Commans Execution

PHP-Stats 0.1.9.1 - Remote Commans Execution works regardless of magicquotesgpc settings... usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:"Of old, the rise of the Yin dynasty was due to I Chih who had served under the Hsia. Likewise, the rise of the Chou dynasty was due to...

PHP-Stats <= 0.1.9.1 Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ====================================================== PHP-Stats works regardless of magicquotesgpc settings... usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:"Of old, the rise of the Yin dynasty was due to I Chih wh...

igenus_remote.txt

!/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site: http://retrogod.altervista.org\r\n\r\n"; print "dork: intitle:"igenus webmail login"\r\n";...

iGENUS WebMail &lt;= 2.0.2 (config_inc.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail = 2.0.2 remote commads xctn\r\n"; print "- works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodATautisticiDOTorg\r\n"; print "site:...