sNews <= 1.5.30 Remote Reset Admin Pass / Command Exec Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- sNews = 1.5.30 unauthorized access / reset admin pass / cmd exec exploit by rgod dork: "Barbecued by sNews" mail: retrog at alice dot it site: http://retrogod.altervista.org...

Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit

No description provided by source. ?php printr' -------------------------------------------------------------------------------- Woltlab Burning Board Lite 1.0.2 decodecookie sql injection exploit by rgod [email protected] site: http://retrogod.altervista.org dork: "Powered by Burning Board Lite...

Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit

Exploit for unknown platform in category web applications =================================================================== Quick.Cms.Lite = 0.3 Cookie sLanguage Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...

Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ==================================================================== Nitrotech 0.0.3a includes/common.php Remote Code Execution Exploit ==================================================================== !/usr/bin/php -q -d shortopentag=o...

JaxUltraBB 2.0 - &#039;delete.php&#039; Remote Auto Deface

!/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

exV2 &lt; 2.0.4.3 - &#039;sort&#039; SQL Injection

!/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs and if 'messages' module is enabled / if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord...

pppBlog 0.3.8 - System Disclosure

pppBlog 0.3.8 - System Disclosure !/usr/bin/php -q -d shortopentag=on ? echo "pppBlog = 0.3.8 system disclosure exploit\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: intext:"Powered by pppblog"\r\n\r\n"; / works with:...

XHP CMS <= 0.5 (upload) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ======================================================== XHP CMS = 0.5 upload Remote Command Execution Exploit ======================================================== !/usr/bin/php -q -d shortopentag=on ? echo "XHP CMS = 0.5 remote cmmnds...

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious contempt on a target server, including arbitrary php code, and launch...

AnalogX SimpleServer:WWW <= 1.05 Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================== AnalogX SimpleServer:WWW Prepare to start connect.\n"; sleep1; $s = IO::Socket::INET-newProto="tcp", PeerAddr=$ARGV0, PeerPort=$ARGV1, Timeout=6 or die " Target web server already DoSeD ?...

Mtp-Target Server 1.2.2 - Memory Corruption

Mtp-Target Server 1.2.2 - Memory Corruption source: https://www.securityfocus.com/bid/13463/info The Mtp-Target server is prone to a memory corruption vulnerability. The issue exists because a comparison fails to ensure that an integer value parameter retrieved from a client is signed. A check is...

Nuked-klaN 1.3 - Remote Information Disclosure

Nuked-klaN 1.3 - Remote Information Disclosure source: https://www.securityfocus.com/bid/6917/info A vulnerability has been discovered in Nuked-Klan which may be exploited to execute certain PHP functions on a target server. This issue occurs in the 'Team', 'News', and 'Lien' modules and is due t...

FuseWare FuseMail 2.7 - POP Mail Buffer Overflow

FuseWare FuseMail 2.7 - POP Mail Buffer Overflow // source: https://www.securityfocus.com/bid/634/info There is a buffer overflow in the FuseMail POP service long USER,PASS that may allow an intruder to execute arbitrary code on the target server. FuseMail 2.7...

NetcPlus SmartServer 3.5.1 - SMTP Buffer Overflow

NetcPlus SmartServer 3.5.1 - SMTP Buffer Overflow // source: https://www.securityfocus.com/bid/632/info There is a buffer overflow on the SmartServer3 SMTP service long MAIL FROM: that may allow an intruder to execute arbitrary code on the target server. 1 @Work SmartServer3...

PYSEC-2024-55

Malicious package. Exfiltrated secrets to a target server...