2611 matches found
xml2owl-exec.txt
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Remote...
xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability
Exploit for unknown platform in category web applications ================================================================= xml2owl 0.1.1 showCode.php Remote Command Execution Vulnerability =================================================================...
Free QBoard qb_path远程文件包含漏洞
BUGTRAQ ID: 18788 Free Qboard是高级的开放源码留言簿服务。 Free Qboard的多个模块中存在远程文件包含漏洞,远程攻击者可能利用此漏洞在服务器上执行任意命令。 具体漏洞代码如下: ---------------------- 1- index.php include $qbpath."incs/mysql.php"; include $qbpath."incs/crypt.php"; ---------------------------------- 2- about.php include $qbpath."incs/header.php";...
Tikiwiki 1.9.8.3 tiki-special_chars.php XSS Vulnerability
H - Security Labs Tikiwiki v1.9.8.3 Security Advisory ID : HSEC20072212 General Information -------------------------- Name : Tikiwiki 1.9.8.3 Vendor HomePage :http://tikiwiki.org Platforms : PHP && MySQL Vulnerability Type : Input Validation Error Timeline ------------------------- 17 December...
NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================ NmnNewsletter 1.0.7 output Remote File Inclusion Vulnerability ================================================================...
Uber Uploader <= 5.3.6 Remote File Upload Vulnerability
Uber Uploader = 5.3.6 Remote File Upload Vulnerability Download: http://sourceforge.net/projects/uber-uploader Bug found by JosS / Jose Luis Gуngora Fernбndez Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure .vuln/ There isn'...
PhpMyDesktop|arcade 1.0 Final (phpdns_basedir) RFI Vulnerability
Exploit for unknown platform in category web applications ================================================================ PhpMyDesktop|arcade 1.0 Final phpdnsbasedir RFI Vulnerability ================================================================ Name : PhpMyDesktop|arcade 1.0 Final...
Anon Proxy Server - Remote Code Execution
By Michael Brooks Vulnerability type: Multiple Remote System commands execution. Software: Anon Proxy Server Home page:http://sourceforge.net/projects/anonproxyserver/ Affects version: 0.100 Example exploit:...
PHP RPG - Sql Injection and Session Information Disclosure.
By Michael Brooks Vulneralbity: Sql Injection and Session Information Disclosure. Homepage:http://sourceforge.net/projects/phprpg/ Verison affected 0.8.0 There are two flaws that affect this applcation. A nearly vinnella login bypass issues affects phprpg. If magicqutoesgpc=off then this will log...
Anon Proxy Server 0.1000 Remote Command Execution Vulnerability
No description provided by source. By Michael Brooks Vulnerability type: Multiple Remote System commands execution. Software: Anon Proxy Server Home page:http://sourceforge.net/projects/anonproxyserver/ Affects version: 0.100 Example exploit:...
123tkShop 0.9.1 Remote Authentication Bypass Vulnerability
No description provided by source. By Michael Brooks Vulnerability:Sql Injection Software:123tkShop Homepage:http://sourceforge.net/projects/my123tkshop/ Affects Version 0.9.1. An attacker can gain Administrative rights with this authentication bypass exploit:...
CVE-2007-6348
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code...
Remote file inclusion
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code...
CVE-2007-6348
CVE-2007-6348 affects SquirrelMail 1.4.11 and 1.4.12 as distributed on SourceForge before 2007-12-13, where an external modification introduced a PHP remote file inclusion vulnerability allowing remote code execution. The vulnerability is categorized with CVSS v2 base score 6.8 (Network attack ve...
123tkShop 0.9.1 - Remote Authentication Bypass
123tkShop 0.9.1 - Remote Authentication Bypass By Michael Brooks Vulnerability:Sql Injection Software:123tkShop Homepage:http://sourceforge.net/projects/my123tkshop/ Affects Version 0.9.1. An attacker can gain Administrative rights with this authentication bypass exploit:...
Anon Proxy Server 0.1000 - Remote Command Execution
Anon Proxy Server 0.1000 - Remote Command Execution By Michael Brooks Vulnerability type: Multiple Remote System commands execution. Software: Anon Proxy Server Home page:http://sourceforge.net/projects/anonproxyserver/ Affects version: 0.100 Example exploit:...
xml2owl 0.1.1 (filedownload.php) Remote File Disclosure Vulnerability
No description provided by source. xml2owl 0.1.1 filedownload.php Remote File Disclosure Vulnerability D.s : http://surfnet.dl.sourceforge.net/sourceforge/xml2owl/xml2owl-0.1.1.tar.bz2 POC : /xml2owl-0.1.1/filedownload.php?file=config.inc.php...
123tkShop 0.9.1 Remote Authentication Bypass Vulnerability
Exploit for unknown platform in category web applications ========================================================== 123tkShop 0.9.1 Remote Authentication Bypass Vulnerability ========================================================== By Michael Brooks Vulnerability:Sql Injection Software:123tkSh...
Anon Proxy Server 0.1000 - Remote Command Execution
By Michael Brooks Vulnerability type: Multiple Remote System commands execution. Software: Anon Proxy Server Home page:http://sourceforge.net/projects/anonproxyserver/ Affects version: 0.100 Example exploit:...
123tkShop 0.9.1 - Remote Authentication Bypass
By Michael Brooks Vulnerability:Sql Injection Software:123tkShop Homepage:http://sourceforge.net/projects/my123tkshop/ Affects Version 0.9.1. An attacker can gain Administrative rights with this authentication bypass exploit:...