phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection

No description provided by source. $Id: phpldapadminqueryengine.rb 14060 2011-10-25 05:25:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

CiviCRM for Joomla 4.2.2 - Remote Code Injection

No description provided by source. Exploit Title: joomla component comcivicrm remode code injection exploit Google Dork:Index of /joomla/administrator/components/comcivicrm/civicrm/packages/OpenFlashChart Date: 20/04/2013 Exploit Author: iskorpitx Vendor Homepage: http://civicrm.org Software Link...

Link Request Contact Form 3.4 - Remote Code Execution Vulnerability

No description provided by source. -=--------------------ADVISORY-------------------=- Link Request Contact Form v3.4 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Link Request Contact Form -=+ Version: 3.4 -=+ Vendor's URL:...

Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection

No description provided by source. ------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 8.2 snarfajax.php Remote PHP Code Injection ------------------------------------------------------------------------- author...........: Egidio Romano aka EgiX...

XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit

No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...

Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection

No description provided by source. ?php / ---------------------------------------------------------------------------- Dolphin = 7.0.7 membermenuqueries.php Remote PHP Code Injection Exploit ---------------------------------------------------------------------------- author...............: EgiX...

Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection

No description provided by source. !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage Example: $ python eaton.py 192.168.1.9 net user User accounts for \...

txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17061/info txtForum is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are also possible. form...

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

OSTicket 1.2/1.3 - Multiple Input Validation and Remote Code Injection Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13478/info osTicket is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Reportedly the application permits the inclusion...

PAJAX <= 0.5.1 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print PAJAX Remote Code Injection - code by: Stoney - exploit found by: RedTeam\n; if $ARGV0 && $ARGV1 $host = $ARGV0; $path = $ARGV1; $sock = IO::Socket::INET-new Proto = tcp, PeerAddr = $host, PeerPort = 80 || die connecterror\n;...

phpliteadmin <= 1.9.3 - Remote PHP Code Injection Vulnerability

No description provided by source. Exploit Title: phpliteadmin = 1.9.3 Remote PHP Code Injection Vulnerability Google Dork: inurl:phpliteadmin.php Default PW: admin Date: 01/10/2013 Exploit Author: L@usch - http://la.usch.io - http://la.usch.io/files/exploits/phpliteadmin-1.9.3.txt Vendor Homepag...

TP Link Gateway 3.12.4 - Multiple Vulnerabilities

No description provided by source. Title: ====== TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities Date: ===== 2012-06-15 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=613 VL-ID: ===== 613 Common Vulnerability Scoring System: ====================================...

TikiWiki Project 1.8 User Profile Multiple Option Arbitrary Remote Code Injection

No description provided by source. source: http://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting,...

Yarssr 0.2.2 GUI.PM Remote Code Injection Vulnerability

No description provided by source. source: www.securityfocus.com/bid/26273/info Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with the...

HostBill App 2.3 - Remote Code Injection Vulnerability

No description provided by source. =-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM: Team...

FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13661/info FusionPHP Fusion News is prone to a remote PHP code injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This may facilitate unauthorized access. ...

Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

No description provided by source. ?php / ----------------------------------------------------------------------- Dokeos LMS = 1.8.5 whoisonline.php Remote PHP Code Injection Exploit ----------------------------------------------------------------------- author...: EgiX mail.....:...

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ phpLDAPadmin = 1.2.1.1 queryengine Remote PHP Code Injection Exploit ------------------------------------------------------------------------ author...............: EgiX...

Maxwebportal <= 1.36 password.asp Change Password Exploit (1 - html)

No description provided by source. !-- Hi, I'm Soroush Dalili from Grayhatz Security Group GSG . I found dangerous sql injection in Maxwebportal version 1.35,1.36,2.0, 20050418 Next Remote user can inject his/her code in memKey var. and change other users password in password.asp Exploit codes to...