phpnukeplatinum-exec.txt

Date: 02/07/08 Note I modified a bit phpsploit for this exploit, because PHP Nuke plays with REQUESTURI var ... Requirements registerglobals=On phpreter phpreter is really easy to use: You can change mode using "mode=", with = sql, php or cmd If you want to understand how it work ... read the cod...

phpTournois <= G4 Remote File Upload/Code Execution Exploit

Exploit for unknown platform in category web applications =========================================================== phpTournois Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined...

PEEL CMS 3.x - Admin Hash Extraction / Arbitrary File Upload

!/usr/bin/php URL: http://realn.free.fr/ Date: 03-18-08 Targets: PEEL PREMIUM PEEL POWERSELL PEEL INTEGRALE PEEL PROFESSIONNELLE This exploit will use multiple vulns of multiple versions of PEEL to try to spawn a Remote Upload File. Special thanks to: ddx39...

zKup CMS 2.0 &lt; 2.3 - Remote Add Admin

!/usr/bin/php Date: 03-08-2008 Conditions: None. This exploit add a new zKup admin. / print "\n"; print " zKup CMS v2.0 \n\n"; if$argc \n eg: php zkup2adminexploit.php http://127.0.0.1/votresite/ real p4ssw0rd";exit-1; $url = $argv1; $log = $argv2; $pas = $argv3; $postit =...

zKup CMS 2.0 2.3 - Remote Add Admin

zKup CMS 2.0 2.3 - Remote Add Admin !/usr/bin/php Date: 03-08-2008 Conditions: None. This exploit add a new zKup admin. / print "\n"; print " zKup CMS v2.0 \n\n"; if$argc \n eg: php zkup2adminexploit.php http://127.0.0.1/votresite/ real p4ssw0rd";exit-1; $url = $argv1; $log = $argv2; $pas = $argv...