2481 matches found
creative Guestbook 1.0 - Multiple Vulnerabilities
creative Guestbook 1.0 - Multiple Vulnerabilities .-""""""""-. / Dj7xpl \ | | |, .-. .-. ,| | o/ \o | |/ /\ | @ ^^ \|IIIIII|/ @8@8 / \ / @ +Iranian Are The Best In World+ Portal : Creative Guestbook 1.0 Download : http://www.thecreativeheads.de/CreativeFiles/downloads.php Author : Dj7xpl |...
CVE-2007-0409
BEA WebLogic 7.0 through 7.0 SP6, 8.1 through 8.1 SP4, and 9.0 initial release does not encrypt passwords stored in the JDBCDataSourceFactory MBean Properties, which allows local administrative users to read the cleartext password...
CVE-2006-6773
pages/register/register.php in Fishyshoop 0.930 beta allows remote attackers to create arbitrary administrative users by setting the isadmin HTTP POST parameter to 1...
CVE-2006-6773
CVE-2006-6773 affects Fishyshoop 0.930 beta, where pages/register/register.php allows remote attackers to create arbitrary administrative users by sending is_admin=1 via HTTP POST. The vulnerability enables elevation of privileges (admin account creation) through a parameter-based bypass in the r...
Woltlab Burning Board Lite 1.0.2 decode_cookie() SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================================== Woltlab Burning Board Lite 1.0.2 decodecookie SQL Injection Exploit ====================================================================== ?php printr'...
Solaris 8 (sparc) : 110011-02
The remote host is missing Sun Security Patch number 110011-02 AnswerBook 1.4.2: create admin user that can interact with shell. Date this patch was last updated by Sun : Thu Aug 03 18:00:00 MDT 2000 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...
Solaris 7 (sparc) : 110011-02
The remote host is missing Sun Security Patch number 110011-02 AnswerBook 1.4.2: create admin user that can interact with shell. Date this patch was last updated by Sun : Thu Aug 03 18:00:00 MDT 2000 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...
cahierSQL.txt
Cahier de textes Pierre Lemaitre - St Lô France - Ver 2.0 Remote SQL injection Exploit Discovred By s4mi s4miatlinuxmaildotorg exploit http://localhost/PATH/lire.php?classeID=1&matiereID=SQL or http://localhost/PATH/lireafaire.php?classeID=SQL expemle of sql code to get admin user and password...
Cahier de textes 2.0 Remote SQL injection Exploit
Cahier de textes Pierre Lemaitre - St Lф France - Ver 2.0 Remote SQL injection Exploit Discovred By s4mi s4miatlinuxmaildotorg exploit http://localhost/PATH/lire.php?classeID=1&matiereID=SQL or http://localhost/PATH/lireafaire.php?classeID=SQL expemle of sql code to get admin user and password...
CVE-2006-4468
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to unvalidated input, allow attackers to have an unknown impact via unspecified vectors involving the 1 mosMail, 2 JosIsValidEmail, and 3 josSpoofValue functions; 4 the lack of inclusion of globals.php in...
mybb-sql-115.php.txt
!/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific: "Powered By MyBB" "2006 MyBB Group"\n\n"; / works...
MyBulletinBoard (MyBB) 1.1.5 - CLIENT-IP SQL Injection
MyBulletinBoard MyBB 1.1.5 - CLIENT-IP SQL Injection !/usr/bin/php -q -d shortopentag=on ? echo "MyBulletinBoard MyBB = 1.1.5 'CLIENT-IP' SQL injection / create new admin exploit\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork, version specific:...
MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================= MyBulletinBoard MyBB = 1.1.5 CLIENT-IP SQL Injection Exploit ================================================================= !/usr/bin/php -q -d shortopentag=on ? echo...
VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit
Exploit for unknown platform in category web applications ======================================================== VHCS VHCS version function submitform if document.adminadduser.username.value=='admin' alert'Learn to read before launching an exploit, script-kiddie!'; exit;...
pafaq.pl.txt
!/usr/bin/perl -w paFaq 1.0 Add Administrator PoC // By James // http://www.gulftech.org use LWP::UserAgent; Set up the LWP User Agent $ua = new LWP::UserAgent; $ua-agent"paFaq Hash Grabber v1.0"; if !$ARGV0 print "Usage : pafaq.pl http://path/to/pafaq"; exit; my $keytime = time; my $dbmpath =...
God Admin Injection Vulnerability in Siteman 1.0.x
God Admin Injection Vulnerability in Siteman 1.0.x, Discovered by PersianHacker.NET Security Team by amironline452 amironline452 hotmail com http://www.PersianHacker.NET http://www.amironline452.tk Siteman is a Content Management System CMS that is so easy to install and use, that a person who ha...
PT-2004-3258 · Phpx · Phpx
Name of the Vulnerable Software and Affected Versions: PHPX versions 3.0 through 3.2.6 Description: A cross-site request forgery CSRF issue allows remote attackers to execute arbitrary commands via specific URLs that are automatically executed on behalf of the administrator. The affected URLs...
os-x/PPC Add user r00t 219 bytes
No description provided by source. / PPC OS X / Darwin Shellcode by B-r00t. 2003. open; write; close; execve; exit; See ASM below. 219 Bytes! / char shellcode = "\x7c\xa5\x2a\x79\x40\x82\xff\xfd\x7d\x48\x02\xa6\x3b\xea\x01\x70" "\x39\x60\x01\x70\x39\x1f\xff\x0d\x7c\xa8\x29\xae\x38\x7f\xff\x04"...
PHP-Nuke 6.x/7.0/7.1 - Image Tag Admin Command Execution
source: https://www.securityfocus.com/bid/9895/info It has been reported that PHP-Nuke is prone to a remote admin command execution vulnerability. This issue is due to a design error that allows an attacker to specify arbitrary URI values in bbCode tags contained within posts. This issue may be...
Poster 2.0 - Unauthorized Privileged User Access
source: https://www.securityfocus.com/bid/8426/info A vulnerability has been reported for Poster.version:two. The problem occurs due to the application failing to lock the 'setup' variable after initialization. As a result, an attacker may access this variable to add additional adminstrator users...