6441 matches found
Monster Top List 1.4.2 - 'functions.php?root_path' Remote File Inclusion
!/usr/bin/perl Monster Top List hTTp://RSTZONE.NET .\n"; print ". coded by fluffybunny - [email protected] .\n"; print "...............................................................\n\n"; my $kw3,$path,$shell,$conexiune,$cmd,$data ; if !$ARGV0 || !$ARGV1 exit0; $path = $ARGV0; chomp$path; $shell ...
Monster Top List <= 1.4.2 (functions.php root_path) RFI Exploit
Exploit for unknown platform in category web applications =============================================================== Monster Top List = 1.4.2 functions.php rootpath RFI Exploit =============================================================== !/usr/bin/perl Monster Top List = 1.4.2 remote...
Monster Top List 1.4.2 - functions.php?root_path Remote File Inclusion
Monster Top List 1.4.2 - functions.php?rootpath Remote File Inclusion !/usr/bin/perl Monster Top List hTTp://RSTZONE.NET .\n"; print ". coded by fluffybunny - [email protected] .\n"; print "...............................................................\n\n"; my...
File(1) 4.13 - Command File_PrintF Integer Underflow
// source: https://www.securityfocus.com/bid/23021/info The file1 command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitrary code with the privileges of ...
CA BrightStor ARCserve - 'msgeng.exe' Remote Stack Overflow
!/usr/bin/python This one was listed in the SANS TOP 20 and I needed an exploit for analysis. I couldnt find a reliable exploit for my analysis and so came up with this. Remote exploit for the CA BrightStor msgeng.exe service stack overflow vulnerability as described in LS-20060330.pdf on...
CA BrightStor ARCserve - msgeng.exe Remote Stack Overflow
CA BrightStor ARCserve - msgeng.exe Remote Stack Overflow !/usr/bin/python This one was listed in the SANS TOP 20 and I needed an exploit for analysis. I couldnt find a reliable exploit for my analysis and so came up with this. Remote exploit for the CA BrightStor msgeng.exe service stack overflo...
CA BrightStor ARCserve (msgeng.exe) Remote Stack Overflow Exploit
Exploit for unknown platform in category remote exploits ================================================================= CA BrightStor ARCserve msgeng.exe Remote Stack Overflow Exploit ================================================================= !/usr/bin/python This one was listed in the...
Sql injection
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands in the Top or News module via the lang parameter...
CVE-2007-1450
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands in the Top or News module via the lang parameter...
CVE-2007-1450
SQL injection vulnerability in mainfile.php in PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands in the Top or News module via the lang parameter...
Top Auction 1.0 - 'viewcat.php' SQL Injection
!/usr/bin/perl Script Name: Top Auction 1.0 viewcat.php Remote Blind SQL Injection Exploit Coded by : ajann Author : ajann Contact : : S.Page : http://www.phplabs.com $$ : 39.95$ .. : ajann,Turkey use IO::Socket; if@ARGV : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are...
Top Auction 1.0 (viewcat.php) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ========================================================== Top Auction 1.0 viewcat.php Remote SQL Injection Exploit ========================================================== !/usr/bin/perl Script Name: Top Auction 1.0 viewcat.php Remote...
Cross site scripting
Cross-site scripting XSS vulnerability in the Nullsoft ShoutcastServer 1.9.7 allows remote attackers to inject arbitrary web script or HTML via the top-level URI on the Incoming interface port 8001/tcp, which is not properly handled in the administrator interface when viewing the log file...
CVE-2007-1151
Cross-site scripting XSS vulnerability in LoveCMS 1.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter to the top-level URI, possibly related to a SQL error...
CVE-2007-1149
Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote attackers to read arbitrary files via a .. dot dot in 1 the step parameter to install/index.php or 2 the load parameter to the top-level URI...
Directory traversal
Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. dot dot in the 1 act or 2 pid parameter to the top-level URI index.php, or the 3 action parameter to admin/index.php. NOTE: some of these details are obtained from third part...
CVE-2007-0921
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI...
Cross site scripting
Cross-site scripting XSS vulnerability in Quick Digital Image Gallery Qdig 1.2.9.3 and devel-20060624 allows remote attackers to inject arbitrary web script or HTML via the Qwd parameter to the top-level URI...
DEBIAN-CVE-2007-0341
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...
phpPC <= 1.04 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================ phpPC = 1.04 Multiple Remote File Inclusion Vulnerabilities ============================================================ phpPC 1.04 Multiples Remote File Inclusion Script : PHP...