656 matches found
PHPGedView <= 3.3.7 Arbitrary Remote Code Execution Exploit
Exploit for unknown platform in category web applications =========================================================== PHPGedView PhpGedView body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF...
flatnuke256_xpl.txt
?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogod at aliceposta it original advisor...
Flatnuke 2.5.6 privilege escalation / remote commands execution exploit
?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogod at aliceposta it original advisor...
Flatnuke 2.5.6 Privilege Escalation / Remote Commands Execution Exploit
No description provided by source. ?php ---flatnuke256xpl.php 4.32 10/12/2005 Flatnuke 2.5.6 privilege escalation / remote commands execution exploit works with magicquotesgpc off, try this with 2.5.5: http://www.milw0rm.com/id.php?id=1140 coded by rgod at http://rgod.altervista.org mail: retrogo...
Website Baker 2.6.0 - Authentication Bypass / Remote Code Execution
this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun Tzu: "The control of a large force is the same principle as the control of a few men: it is merely a question of dividing up their numbers." errorreporting0; iniset"maxexecutiontime",0;...
SimpleBBS <= 1.1 Remote Commands Execution Exploit (c code)
Exploit for unknown platform in category web applications =========================================================== SimpleBBS !--total 188 drwxrwxrwx 2 f1 f1 4096 Dec 6 17:02 . drwxr-xr-x 7 f1 f1 4096 Nov 17 2002 .. -rw-r--r-- 1 f1 f1 916 Oct 20 09:30 WSFTP.LOG -rwxrwxrwx 1 f1 f1 28 Nov 17 2002...
SimpleBBS <= 1.1 Remote Commands Execution Exploit (c code)
No description provided by source. / SimpleBBS = v1.1 remote commands execution in c coded by: unitedasia v.Dec.7.2005 greetz: iloveyouma http://geography.about.com/library/maps/blrasia.htm http://www.lib.utexas.edu/maps/middleeastandasia/asiapol00.jpg $ gcc -o bbs bbs.c Usage ./bbs host /folder/...
SimpleBBS <= 1.1 Remote Commands Execution Exploit
No description provided by source. ?php ---simplebbs11xpl.php 19.42 02/12/2005 SimpleBBS = v1.1 remote commands execution coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He wi...
Zen Cart 1.2.6d - password_forgotten.php SQL Injection
Zen Cart 1.2.6d - passwordforgotten.php SQL Injection this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the mastery of the Empire, and thus, without losing a man, his triumph will be complete...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================= Zen Cart this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
No description provided by source. ?php ---zencart126dxpl.php 19.42 02/12/2005 Zen-Cart = 1.2.6d blind SQL injection / remote commands execution coded by rgod site: http://rgod.altervista.org - this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then...
Zen Cart 1.2.6d - 'password_forgotten.php' SQL Injection
this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "With his forces intact he will dispute the mastery of the Empire, and thus, without losing a man, his triumph will be complete. This is the method of attacking by stratagem."...
PHPX 3.5.x - 'Admin 'login.php' SQL Injection
source: https://www.securityfocus.com/bid/15680/info PHPX is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result in a compromise of the application...
Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
No description provided by source. ?php if magicquotesgpc is off you can inject arbitrary php code from rgod /str0ke ---guppy459xpl.php 17.30 28/11/2005 Guppy =4.5.9 SERVERREMOTEADDR overwrite / remote commands xctn coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in...
Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ============================================================== Guppy Guppy style type="text/css"...
eFiction <= 2.0 Fake GIF Shell Upload Exploit
Exploit for unknown platform in category web applications ============================================= eFiction eFiction body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color:...
Mambo 4.5.2 - Globals Overwrite Remote Command Execution
Mambo 4.5.2 - Globals Overwrite Remote Command Execution Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: F...
PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit
No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but he...
PHPWebThings 1.4 - msgforum SQL Injection
PHPWebThings 1.4 - msgforum SQL Injection ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/,...
XOOPS 2.2.3 Final arbitrary local inclusion / XOOPS WF-Downloads module v 2.05 SQL Injection
11.04 12/11/2005 1XOOPS 2.2.3 Final arbitrary local inclusion 2XOOPS WF-Downloads module v 2.05 SQL Injection / Administrative credentials disclousre / Remote commands execution software: site: http://www.xoops.org/ description: "XOOPS is an extensible, OO Object Oriented, easy to use dynamic web...