V3n0M-Scanner - Popular Pentesting scanner for SQLi/XSS/LFI/RFI and other Vulns

V3n0M is a free and open source scanner. Evolved from baltazar's scanner, it has adapted several new features that improve fuctionality and usability. It is mostly experimental software. This program is for finding and executing various vulnerabilities. It scavenges the web using dorks and...

vBulletin 4.0.x - 4.1.2 (search.php, cat param) - SQL Injection Exploit

No description provided by source. vBulletin 4.0.x = 4.1.2 AUTOMATIC SQL Injection exploit Author: D35m0nd142, [email protected] Google Dork: inurl:search.php?searchtype=1 Date: 02/09/2014 Vendor Homepage: http://www.vbulletin.com/ Tested on: vBulletin 4.1.2 Usage: perl exploit.pl http://targe...

vBulletin 4.0.x 4.1.2 - search.php?cat SQL Injection

vBulletin 4.0.x 4.1.2 - search.php?cat SQL Injection vBulletin 4.0.x = 4.1.2 AUTOMATIC SQL Injection exploit Author: D35m0nd142, Google Dork: inurl:search.php?searchtype=1 Date: 02/09/2014 Vendor Homepage: http://www.vbulletin.com/ Tested on: vBulletin 4.1.2 Usage: perl exploit.pl Tutorial video:...

Adobe ColdFusion all versions LFD exploit (without Metasploit)

This code exploit a Local FIle Disclosure vulnerability in ColdFusion that allows attackers to dump administrator passwords and log into the admin panel. !/usr/bin/perl ColdFusion Locale File Disclosure exploit without Metasploit Google Dork: intitle:"Index of /CFIDE/" administrator Date:...

MySQL.com Once again Compromised using Sql Flaw

MySQL.com Once again Compromised using Sql Flaw A hacker with name "D35M0ND142 " claim to hack MySql.com website using Sql Injection Flaws. In September, Mysql.com was hacked and it was serving BlackHole exploit malware on the site. In a pastebin dump Hacker Exposes various Admin user credentials...