NOCC Webmail <= 1.0 (Local Inclusion) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =================================================================== NOCC Webmail works regardless of any magicquotesgpc settings dork: "powered by nocc" intitle:"NOCC Webmail" -site:sourceforge.net -Zoekinalles.nl -analysis Sun-Tzu: "Knowi...

cpg_143_incl_xpl

this works regardless of any php.ini settings, you need a normal user account with upload rights in personal albums and at least one album usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The direct and the indirect lead on to each other in turn. It is like moving in a...

GeekLog 1.* (error.log) Remote Commands Execution Exploit (gpc = Off)

No description provided by source. !/usr/bin/perl -w use IO::Socket; print "\r\n"; print "| Geeklog 1. remote commands execution |\r\n"; print "| By rgod rgodATautisticiDOTorg |\r\n"; print "| site: http://retrogod.altervista.org |\r\n"; print "| |\r\n"; print "\r\n"; print "| - this works agains...

PHPKIT &lt;= 1.6.1R2 (filecheck) Remote Commands Execution Exploit

No description provided by source. ?php ---PHPKIT161r2inclxpl.php 4.27 16/02/2006 PHPKIT = 1.6.1R2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works with allowurlfopen = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "All men c...

EnterpriseGS 1.0 rc4 - Remote Command Execution

EnterpriseGS 1.0 rc4 - Remote Command Execution works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round stone rolled down a mountain thousands of feet in height. So much on the subject ...

EnterpriseGS <= 1.0 rc4 Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ========================================================= EnterpriseGS works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round...

FlySpray 0.9.7 (install-0.9.7.php) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ==================================================================== FlySpray 0.9.7 install-0.9.7.php Remote Commands Execution Exploit ==================================================================== works against PHP5 usage: launch...

FlySpray 0.9.7 (install-0.9.7.php) Remote Commands Execution Exploit

No description provided by source. ?php ---flyspray097php5inclxpl.php 19.57 13/02/2006 FlySpray 0.9.7 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the goo...

FlySpray 0.9.7 - &#039;install-0.9.7.php&#039; Remote Command Execution

works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the good fighter will be terrible in his onset, and prompt in his decision" / short explaination: found this bug in FlySpray, exploiting EGS Enterprise Groupware System 1.0 rc4, see this link for...

EnterpriseGS &lt;= 1.0 rc4 Remote Commands Execution Exploit

No description provided by source. ?php ---egs10rc4php5inclxpl.php 17.57 13/02/2006 EGS Enterprise Groupware System =1.0 rc4 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5 usage: launch from Apache, fill in requested fields, then go!...

DocMGR &lt;= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

DocMGR 0.54.2 - file_exists Remote Command Execution

DocMGR 0.54.2 - fileexists Remote Command Execution works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy i...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ================================================================ DocMGR works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is...

RunCMS 1.2 - class.forumposts.php Remote File Inclusion

RunCMS 1.2 - class.forumposts.php Remote File Inclusion ?php ---runcms13axpl.php 17.30 09/02/2006 RunCMS = 1.2 arbitrary remote inclusion exploit " = 1.3a shell upload through FCKEditor coded by rgod site: http://retrogod.altervista.org usage: launch from Apache, fill in requested fields, then go...

SPIP <= 1.8.2g Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ================================================ SPIP this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Fighting with a large army under your command is nowise differen...

SPIP &lt;= 1.8.2g Remote Commands Execution Exploit

No description provided by source. ?php ---spip182gshellinjxpl.php 17.33 08/02/2006 SPIP = 1.8.2g remote commands execution coded by rgod site: http://retrogod.altervista.org - this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu:...

CPGNuke Dragonfly 9.0.6.1 Remote Commands Execution Exploit

No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...

LoudBlog <= 0.4 (path) Arbitrary Remote Inclusion Exploit

Exploit for unknown platform in category web applications ========================================================= LoudBlog LoudBlog 4.0 remote commands execution meta http-equiv="Content-Type" content="text/html;...

phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ============================================================ phpDocumentor PhpDocumentor body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: cross...

phpDocumentor &lt;= 1.3.0 rc4 Remote Commands Execution Exploit

No description provided by source. ?php ---phpdocu130rc4inclxpl.php 13.06 29/12/2005 PhpDocumentor = 1.3.0 rc4 remote commands execution coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Confront your soldiers with the deed...