662 matches found
Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ============================================================== Guppy Guppy style type="text/css"...
eFiction <= 2.0 Fake GIF Shell Upload Exploit
Exploit for unknown platform in category web applications ============================================= eFiction eFiction body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color:...
Mambo 4.5.2 - Globals Overwrite Remote Command Execution
Mambo 4.5.2 - Globals Overwrite Remote Command Execution Mambo body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: F...
PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit
No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but he...
PHPWebThings 1.4 - msgforum SQL Injection
PHPWebThings 1.4 - msgforum SQL Injection ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 "msg" and "forum" SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/,...
XOOPS 2.2.3 Final arbitrary local inclusion / XOOPS WF-Downloads module v 2.05 SQL Injection
11.04 12/11/2005 1XOOPS 2.2.3 Final arbitrary local inclusion 2XOOPS WF-Downloads module v 2.05 SQL Injection / Administrative credentials disclousre / Remote commands execution software: site: http://www.xoops.org/ description: "XOOPS is an extensible, OO Object Oriented, easy to use dynamic web...
XOOPS (wfdownloads) 2.05 Module Multiple Vulnerabilities Exploit
No description provided by source. ?php / rgod: http://target/pathtoxoops/class/xoopseditor/textarea/editorregistry.php?xoopsConfiglanguage=../../../../../../../../../../script...
XOOPS (wfdownloads) 2.05 Module - Multiple Vulnerabilities
?php / rgod: http://target/pathtoxoops/class/xoopseditor/textarea/editorregistry.php?xoopsConfiglanguage=../../../../../../../../../../script http://target/pathtoxoops/class/xoopseditor/textarea/editorregistry.php?xoopsConfiglanguage=../../../../../../../../../../boot.ini%00...
Moodle <= 1.6dev SQL Injection / Command Execution Exploit
Exploit for unknown platform in category web applications ========================================================== Moodle = 1.6dev SQL Injection / Command Execution Exploit ========================================================== ?php moodle16devxpl.php 4.19 10/11/2005 Moodle = 1.6dev get...
Moodle <= 1.6dev SQL Injection / Command Execution Exploit
No description provided by source. ?php moodle16devxpl.php 4.19 10/11/2005 Moodle = 1.6dev get record SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if you have troubl...
atutor151pl2.txt
ATutor 1.5.1pl2 SQL Injection / Remote commands execution software: site: http://www.atutor.ca/ description : "ATutor is an Open Source Web-based Learning Content Management System LCMS designed with accessibility and adaptability in mind." if magicquotesgpc off - SQL INJECTION vulnerable code in...
ATutor 1.5.1pl2 - SQL Injection Command Execution
ATutor 1.5.1pl2 - SQL Injection Command Execution ?php atutor151pl2xpl.php 5.12 08/11/2005 Atutor 1.5.1 pl2 possibly prior versions SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes...
ATutor 1.5.1pl2 SQL Injection / Command Execution Exploit
No description provided by source. ?php atutor151pl2xpl.php 5.12 08/11/2005 Atutor 1.5.1 pl2 possibly prior versions SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if...
CuteNews1.4.1.txt
CuteNews 1.4.1 Arbitrary file inclusion / remote code execution exploit software: site: http://cutephp.com/ description: "Cute news is a powerful and easy for using news management system that use flat files to store its database. It supports comments, archives, search function, image uploading,...
phpnuke78sql.txt
PHPNuke 7.8 with all security fixes/patches "Downloads", "WebLinks" & "YourAccount" SQL INjection - remote commands execution poc exploit there are a lot of unsanitized vars in every module, as I can see, so if magicquotesgpc is Off - SQL INJECTION 1 you can go to "Your Account" and submit a...
mwchat.txt
20.23 21/10/2005 MWCHAT 6.8 SQL INJECTION / REMOTE COMMANDS EXECUTION software: site: http://www.appindex.net description: a php chat no need for exploit code, poc:...
w-Agora 4.2.0 - quicklist.php Remote Code Execution
w-Agora 4.2.0 - quicklist.php Remote Code Execution ?php --- wagora420xpl.php 13.33 14/10/2005 W-Agora 4.2.0 possibly prior versions Remote commands execution through quicklist.php and/or upload features by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles t...
w-Agora 4.2.0 - 'quicklist.php' Remote Code Execution
?php --- wagora420xpl.php 13.33 14/10/2005 W-Agora 4.2.0 possibly prior versions Remote commands execution through quicklist.php and/or upload features by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference = o...
lucid_cms_1011_expl.txt
Lucid CMS 1.0.11a remote commands execution Lucid CMS V 1.0.11a possibly prior versions remote commands executiona script by rgod at a href="http://rgod.altervi...
FlatNuke 2.5.5 (possibly prior versions) remote commands execution / cross site scripting / path disclosure (by rgod)
0.34 2005-08-05 FlatNuke 2.5.5 possibly prior versions remote commands execution / cross site scripting / path disclosure by rgod release date: 2005-07-20 software: author site: http://flatnuke.sourceforge.net/ path disclosure: http://target/path/themes/butterfly/structure.php supllying a null by...