SuSE 11.3 Security Update : php53 (SAT Patch Number 10313)

PHP 5.3 was updated to fix three security issues : - Use-after-free vulnerability allowed remote attackers to execute arbitrary code via a crafted unserialize call that leveraged improper handling of duplicate keys within the serialized properties of an object. bnc910659. CVE-2014-8142 -...

MyCMS <= 0.9.8 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyCMS = 0.9.8 Remote Command Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Host Path C...

LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection Exploit

No description provided by source. ?php / LinPHA = 1.3.1 newimages.php Remote Blind SQL Injection Hash Fishing Exploit / BENCHMARK method author...: EgiX mail.....: n0b0d1esathotmaildotcom link.....: http://linpha.sourceforge.net/ dork.....: LinPHA Version 1.3.x or The LinPHA developers vulnerabl...

PhpCommander <= 3.0 (upload) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? $devilteam = ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+:...

Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution

Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution $theme = isset$argv1 ? $argv1 : 'default'; system"clear"; if fileexists"$dir/themes/$theme/style.css" echo "\n themes/$theme/style.css already exists.\n\n"; echo "Overwrite y/n ? "; $handle = fopen "php://stdin","r"; $line =...

gcards-sql-exec.txt

!/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " gCards = 1.46 SQL Injection/Remote Code Execution Exploit\r\n"; print...

PHPAlbum 0.4.1 Beta 6 - language.php Local File Inclusion

PHPAlbum 0.4.1 Beta 6 - language.php Local File Inclusion DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL...

FlatNuke用户数据任意PHP代码执行漏洞 Exploit

No description provided by source. ?php / Aug 2005, 4th Flatnuke 2.5.5 possibly prior versions remote code execution by rgod site: http://rgod.altervista.org thanks to UlisseHacker... : make these changes in php.ini if you have troubles with this script: allowcalltimepassreference = on...

PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- PHPGraphy 0.9.12 ZendHashDelKeyOrIndex/privilege escalation/ /remote command execution exploit by rgod dork: intext:"This site is using phpGraphy" | intitle:"my phpgraphy...

Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit

Exploit for unknown platform in category web applications =================================================================== Quick.Cms.Lite = 0.3 Cookie sLanguage Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...

N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit

Exploit for unknown platform in category web applications ============================================================== N/X WCMS | | \\ | | | | | | \ //----------------------- | DEVIL TEAM - POLISH TEAM \/ http://www.rahim.webd.pl/ . .\ . \ / | | ||/ | || / \ | \ / /\ | | / | \ \ | |/ \ /...

PHPKIT 1.6.1R2 - filecheck Remote Command Execution

PHPKIT 1.6.1R2 - filecheck Remote Command Execution works with allowurlfopen = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "All men can see the tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." also if magicquotesgpc =...

PHPKIT 1.6.1R2 - &#039;filecheck&#039; Remote Command Execution

works with allowurlfopen = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "All men can see the tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." also if magicquotesgpc = Off, you can view any file on target system by null...

DocMGR 0.54.2 - file_exists Remote Command Execution

DocMGR 0.54.2 - fileexists Remote Command Execution works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy i...

Website Baker &lt;= 2.6.0 Login Bypass / Remote Code Execution Exploit

No description provided by source. ?php ---wbaker260xpl.php 19.42 02/12/2005 Website Baker 2.6.0 Login Bypass / remote commands execution coded by rgod site: http://rgod.altervista.org - this works with magicquotesgpc off usage: launch from Apache, fill in requested fields, then go! Sun Tzu: "The...