Read Excel Script v1.1 Shell Upload Vulnerability

Exploit for unknown platform in category web applications ================================================= Read Excel Script v1.1 Shell Upload Vulnerability ================================================= ======================================= Script : Read Excel v1.1 Shell Upload Vendor :...

Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability

No description provided by source. Exploit Title: Simplicity oF Upload 1.3.2 Remote File Upload Vulnerability Date: 20-12-2009 Author: Master Mind Software Link: http://www.phpsimplicity.com/scripts.php?id=3 Version: 1.3.2 CVE : N/A Tested on: Windows 2003 Server...

Cyrus IMAPd buffer overflow vulnerability

Overview The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code. Description The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered...

CVE-2009-2632

Buffer overflow in the SIEVE script component sieve/script.c, as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...

Auction RSS Content Script 3.0 XSS

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || Auction RSS Content Script V3.0 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.jce-tech.com/auction.php...

Shorty 0.7.1b Insecure Cookie

Vulnerable Software -------------------------------------------------------------------------------- Script: Shorty v0.7.1 Beta maybe other versions URL:http://get-shorty.com/ Download:http://get-shorty.com/beta?force=download Google dork: intitle:"Shorty Beta" Bug...

Infinity 2.0.5 - Arbitrary Create Admin

?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Infinity = 2.0.5 Create Admin /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q POST 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Owned : |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr...

TalkBack 2.3.14 Execution / Local File Inclusion

JIKO No-exploit.Com Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip Script : talkback V 2.3.14 Dork:inurl:test.php Powered by TalkBack -------------------------------------------- Edit Comment + talkback/comments.php?edit=1&editid=2& Command +...

DB Top Sites 1.0 - Remote Command Execution

DB Top Sites 1.0 - Remote Command Execution ?php / ------------------------------------------------------------ + About DB Top Sites v1.0 Remote Command Execution Exploit Script homepage : http://www.jnmsolutions.co.uk/topsites/ Author : SirGod Thanks to : Nytro Website : www.mortal-team.org...

PHP Article Publisher - Remote Change Admin Password

=-=-remote change password and add admin xpl-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-= script:phparticlepublisher ------------------------------------------------- Author: ahmadbady my site :Coming Soon =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= download...

CVE-2009-1652

admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request...

Apache Tiles Multiple XSS Vulnerability

This host has Apache Tiles installed and is prone to Cross-Site Script Vulnerability OpenVAS Vulnerability Test $Id: secpodapachetilesxssvuln.nasl 8695 2018-02-06 16:42:37Z cfischer $ Apache Tiles Multiple XSS Vulnerability Authors: Sujit Ghosal Copyright: Copyright c 2009 SecPod,...

Job2C 4.2 - 'adtype' Local File Inclusion

Job2C version 4.2 adtype MulTiple LFi Script: http://www.w2b.ru/download/Job2C.zip ---------------------------------------------------------- Discovered By: ZoRLu Date: 15.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com contact: [email protected] N0T: Herkes Hecker Olmu...

CVE-2008-6683

Cross-site scripting XSS vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter...

BlogPlus 1.0 Local File Inclusion

--:local file include:-- --------------------------------- script:blog+ v1.0 ---------------------------------------------- download from:http://www.ziddu.com/download/3151643/blogplusv1.0final.zip.html ----------------------------------------------...

Free Joke Script 1.0 Auth Bypass / SQL Injection Vulnerability

No description provided by source. freejokesscript = 1.0 joke-archives.php remote sql injection vulnerability & admin bypass vulnerability info : found at semi sexy mode, when i was searching jokes script for my own site. if u have any please help :. i didnt sit and search them like others so don...

Synactis ALL In-The-Box ActiveX控件SaveDoc()方法覆盖任意文件漏洞

Synactis ALL In-The-Box ActiveX控件是一种PDF及图像文件自动化生成及输出工具。 ALL In-The-Box ActiveX控件AllInTheBox.ocx的SaveDoc方法实现上存在漏洞，远程攻击者可能利用此漏洞通过指定以NULL结尾的文件名覆盖系统上的任意文件，导致拒绝服务或任意命令执行。 Synactis ALL In-The-Box ActiveX 3.x 厂商补丁： Synactis -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.synactis.com...

PT-2009-2988 · Ninja · Ninja Blog

Name of the Vulnerable Software and Affected Versions: Ninja Blog version 4.8 Description: The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the entries/index.php file when magic quotes gpc is disabled. This is achieved by using a .. dot dot i...

Free Directory Script 1.1.1 (API_HOME_DIR) RFI Vulnerability

Exploit for unknown platform in category web applications ============================================================ Free Directory Script 1.1.1 APIHOMEDIR RFI Vulnerability ============================================================ Directory v1.1.1 APIHOMEDIR RFI Vulnerablity © Ghost Hacker...

MemHT Portal 4.0.1 SQL Injection Code Execution Exploit

No description provided by source. !/usr/bin/perl =about MemHT 4.0.1 Perl exploit AUTHOR discovered & written by Ams ax330d doggy gmail dot com VULN. DESCRIPTION: Due to weak params filtering we are able to make SQL-Injection. So, 1. Look at 'inc/ajax/ajaxrating.php', line 29. It is not enough to...