Traq 2.3 - Authentication Bypass / Remote Code Execution

group'isadmin' 32. header"Location: login.php"; 33. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header function doesn't stop the execution flow. This can be exploited by malicio...

Zhuo Xun intelligent site management system EmteEasySite vulnerability 0day-vulnerability warning-the black bar safety net

| Zhuo Xun intelligent site management system ,official website:http://www. emte. com. cn/ Google:technical support:Zhuo information technology the default background:/main/login. asp //directly into the backstage to see the copyright is not EmteEasy system Exploit:the default address database ca...

vBSEO 3.5.2 & 3.2.2 - Persistent XSS via LinkBacks

Exploit for php platform in category web applications Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully supported solution. A full package of SEO enhancement...

vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks

vBSEO 3.2.23.5.2 - Persistent Cross-Site Scripting via LinkBacks vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on t...

vBSEO 3.2.2/3.5.2 - Persistent Cross-Site Scripting via LinkBacks

vBSEO - Persistent XSS via LinkBacks http://www.exploit-db.com/vbseo-from-xss-to-reverse-php-shell/ Versions Affected: 3.5.2 & 3.2.2 Most likely all versions Info: A proven success record, vBSEO powers the most optimized forums on the Web. The 1 SEO plugin and the only professional, fully support...

vbShout 5.2.2 Remote / Local File Inclusion

Title: vbShout 5.2.2 Remote/Local File Inlcusion Mod/Admin + Author: fred777 - fred777.5x.to + Link: http://www.dragonbyte-tech.com/vbecommerce.php?do=purchase&act=product&id=2 + Vuln: vbshout.php?do=path/fileNULL-Byte + Greetzz to: SceneCoderz + Contact: [email protected] + -- Vuln...

vbShout 5.2.2 - Local/Remote File Inclusion

Title: vbShout 5.2.2 Remote/Local File Inlcusion Mod/Admin + Author: fred777 - fred777.5x.to + Link: http://www.dragonbyte-tech.com/vbecommerce.php?do=purchase&act=product&id=2 + Vuln: vbshout.php?do=path/fileNULL-Byte + Greetzz to: SceneCoderz + Contact: [email protected] + -- Vuln...

vBulletin 3.8.4 / 3.8.5 Registration Bypass

=============================================================== vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability =============================================================== 010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian Datacoders Security Team 2010 1 0 0...

vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability

No description provided by source. =============================================================== vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability =============================================================== 010101010101010101010101010101010101010101010101010101010 0 0 1 Iranian...

vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability

Exploit for php platform in category web applications ========================================================= vBulletin 3.8.4 & 3.8.5 Registration Bypass Vulnerability ========================================================= 010101010101010101010101010101010101010101010101010101010 0 0 1 Irani...

File Share scriptFile share - SQL Injection

File Share scriptFile share - SQL Injection ----------------------oOO------OOo----------------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | |MouDy-Dz // 2o1o | ------------------------------------------------------------ Upload Shell...

Games Script (Galore) Backup Dump Vulnerability

Exploit for php platform in category web applications =============================================== Games Script Galore Backup Dump Vulnerability =============================================== ======================================================================================== | Title :...

GameScript 3.0 - SQL Injection

Author : FormatXformat Home : Tkurd.net Script : http://www.gamescript.net Vulnerabilities : SQL Injection Dork: Copyright © 2005 - 2006 GameScript.net. All Games Copyright © To Their Respective Owners. All Rights Reserved. Exploit:...

vBulletin adminCP Cross Site Scripting

.::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE : Code : -::Forum Manager = Add Ne...

vBulletin adminCP Cross-Site Scripting

No description provided by source. .::vBulletin adminCP Cross-Site Scripting ::. Exploit Title: vBulletin adminCP Cross-Site Scripting Date: 2009 Author: Ashiyane Digital Security Members Cair3x Software Link: http://www.vbulletin.com/ Version: 3.8.4 and all Version Tested on: vBulletin 3.8.4 CVE...

Uploadscript 1.0 Disclosure / Shell Upload

Exploit Title: Uploadscript v1.0. Multiple Vulnerabilities Date: 13-12-2009 Author: Mr.aFiR Software Link: http://www.phpstudio.hu/?action=verify&categorize=php&subaction=php&context=php&ID=75&verify=0 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A / \ / \ / \ | | |/ | | | Y Y | V\ / Y| |...

Uploadscript v1.0. Multiple Vulnerabilities

Exploit for unknown platform in category web applications =========================================== Uploadscript v1.0. Multiple Vulnerabilities =========================================== How to use it ? ----------------- Go to : http://site/path/password.txt You will find a Hashmd5 password !...

Chipmunk Board Script 1.x Multiple XSRF Vulnerabilities

Exploit for unknown platform in category web applications ======================================================= Chipmunk Board Script 1.x Multiple XSRF Vulnerabilities =======================================================...

Chipmunk Board Script 1.x - Multiple Cross-Site Request Forgery Vulnerabilities

------------------------------------------------------------------------------------------------- Title: Chipmunk Board Script 1.x Multiple XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 11. December 2009...

Uploadscript 1.0 - Multiple Vulnerabilities

Exploit Title: Uploadscript v1.0. Multiple Vulnerabilities Date: 13-12-2009 Author: Mr.aFiR Software Link: http://www.phpstudio.hu/?action=verify&categorize=php&subaction=php&context=php&ID=75&verify=0 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A / \ / \ / \ | | |/ | | | Y Y | V\ / Y| |...