86 matches found
PHPRunner 4.2 - 'SearchOption' Blind SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
PHPRunner 4.2 - SearchOption Blind SQL Injection
PHPRunner 4.2 - SearchOption Blind SQL Injection www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory:...
PHPRunner 4.2 SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: PHPRunner SQL Injection Vendor: http://www.xlinesoft.com Vulnerable Version: 4.2 prior versions also may be affected Exploitation: Remote with browser Original Advisory: http://www.bugreport.ir/index63.htm Fix: N/A - Description: PHPRunner...
PHP-List Remote Code Execution
phplist 2.10.x remote code execution Credit:AmnPardaz Security Research Team for the vuln exploit author [email protected] Poc root@server pentest perl phplistrce.pl http://www.helpcenter.it/list/ phplist 2.10.x 0day RCE may b others by mozi: uname -a 686 i686 i386 GNU/Linux mozi: w 04:43:41 up...
phplist 2.10.x (RCE by environ inclusion) Local File Inclusion Exploit
Exploit for unknown platform in category web applications ====================================================================== phplist 2.10.x RCE by environ inclusion Local File Inclusion Exploit ====================================================================== phplist 2.10.x remote code...
NewsCMSlite Insecure Cookie Handling
www.BugReport.ir AmnPardaz Security Research Team Title: NewsCMSlite Vendor: http://www.katywhitton.com Bug: Insecure Cookie Handling Exploitation: Remote with browser Fix: N/A Original Advisory: http://www.bugreport.ir/index62.htm - Description: NewsCMSlite is an easy way to get regularly update...
phpList 2.10.8 - Local File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: phpList Local File inclusion Vendor: http://www.phplist.com Bug: Local File Inclusion Vulnerable Version: 2.10.8 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
phpList 2.10.8 - Local File Inclusion
phpList 2.10.8 - Local File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: phpList Local File inclusion Vendor: http://www.phplist.com Bug: Local File Inclusion Vulnerable Version: 2.10.8 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original...
CFAGCMS Remote File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: CFAGCMS Remote File Inclusion Vendor: http://sourceforge.net/projects/cfagcms/ Bug: Remote File Inclusion Vulnerable Version: 1 Exploitation: Remote with browser Fix: N/A Original Advisory: http://www.bugreport.ir/index58.htm - Description:...
Enthusiast 3 Remote Code Execution
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
enthusiast-exec.txt
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix:...
Enthusiast 3.1.4 - show_joined.php Remote File Inclusion
Enthusiast 3.1.4 - showjoined.php Remote File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation:...
Enthusiast 3.1.4 (show_joined.php path) Remote File Inclusion Vuln
Exploit for unknown platform in category web applications ================================================================== Enthusiast 3.1.4 showjoined.php path Remote File Inclusion Vuln ==================================================================...
Enthusiast 3.1.4 - 'show_joined.php' Remote File Inclusion
www.BugReport.ir AmnPardaz Security Research Team Title: Enthusiast 3 Remote Code Execution Vendor: http://scripts.indisguise.org/enthusiast/ Bug: File Inclusion Vulnerable Version: 3.1.4 prior versions also may be affected Exploitation: Remote with browser Fix: N/A Original Advisory:...
Persia BME E-Catalogue Remote SQL Injection Vulnerability
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: Persia BME E-Catalogue SQL Injection Vulnerability Vendor: http://www.persiabme.com/products/ Impact: High Fix: N/A Original Advisory: http://www.bugreport.ir/index55.htm 1. Description: Persia BME...
persiabme-sql.txt
www.BugReport.ir AmnPardaz Security Research Team Title: Persia BME E-Catalogue SQL Injection Vulnerability Vendor: http://www.persiabme.com/products/ Impact: High Fix: N/A Original Advisory: http://www.bugreport.ir/index55.htm 1. Description: Persia BME E-Catalogue is a powerful engine which...
Persia BME E-Catalogue - SQL Injection
Persia BME E-Catalogue - SQL Injection www.BugReport.ir AmnPardaz Security Research Team Title: Persia BME E-Catalogue SQL Injection Vulnerability Vendor: http://www.persiabme.com/products/ Impact: High Fix: N/A Original Advisory: http://www.bugreport.ir/index55.htm 1. Description: Persia BME...
CMME Multiple Information disclosure vulnerabilities
WwW.BugReport.ir AmnPardaz Security Research & Penetration Testing Group Title: CMME Multiple Information disclosure vulnerabilities Vendor: http://cmme.oesterholt.net Bug: Information Disclosure Vulnerable Version: 1.19 prior versions also may be affected Exploitation: Remote with browser Exploi...
ParsaWeb CMS SQL Injection
www.BugReport.ir AmnPardaz Security Research Team Title: ParsaWeb CMS SQL Injection Vendor: http://www.parsagostar.com Demo: http://cms.parsagostar.com/ Exploit: Available Impact: High Fix: N/A Original advisory: http://www.bugreport.ir/index53.htm 1. Description: ParsaWeb is a commercial ASP.NET...