Academy LMS 6.1 Cross Site Scripting / File Upload

Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 05/08/2023 Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CWE: CWE-79 -...

Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions

Title: Ovidentia Module bulletindoc 2.9 Multiple Remote File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions

Ovidentia bulletindoc Module 2.9 - Multiple Remote File Inclusions Title: Ovidentia Module bulletindoc 2.9 Multiple Remote File Inclusion Vulnerabilities Author: bd0rk eMail: bd0rkathackermail.com Twitter: twitter.com/bd0rk Tested on: Ubuntu-Linux Download:...

lastRSS autoposting bot MOD 0.1.3 'phpbb_root_path' Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33843/info lastRSS autoposting bot MOD is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote...

uTorrent 2.0.3 DLL Hijacking Exploit

/ Exploit Title: uTorrent define DLLIMPORT declspec dllexport DLLIMPORT void hookstartup evil; int evil WinExec"calc", 0; exit0; return 0;...

PHPAuctionSystem PHP Code Execution

====================================================== PHPAuctionSystem Upload Vulnerability ====================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' ...

PHPAuctionSystem - Arbitrary File Upload

Name : PHPAuctionSystem Upload Vulnerability Date : june, 16 2010 Vendor url :http://www.phpauctions.info/ Critical Level : HIGH Author : Sid3^effects aKa HaRi special thanks to : r0073r inj3ct0r.com,L0rd CruSad3r,MaYur,gunslinger greetz to :All ICW members and my friends : luv y0 guyz...

NTSOFT BBS E-Market Professional XSS

+==========================================================================+ + NTSOFT BBS E-Market Professional & XSS - Remote Evil Java + +==========================================================================+ Authors: Ivan Sanchez Product: BBS E-Market Professional Vendor Overview: NTSOFT...

School Data Navigator - page LocalRemote File Inclusion

School Data Navigator - page LocalRemote File Inclusion ---------------------------------------------------------------------------------------------------- Name : School Data Navigator Site : http://sourceforge.net/projects/school-data-nav/ Down : http://216.92.6.173/datanavigator/appandreadme.z...

OTManager CMS 2.4 (Tipo) Remote File Inclusion Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= OTManager 2.4 Remote File Inclusion RFI Vulnerability - Security flaw discovered by Colt7r - CONTACT: colt7r |@| bsdmail.org - Affected Software: OTManager 2.4 - Risk: HIGH - Exploit:...

netbutikker-sql.txt

Viva Islam rEm0te SQL Injection Vulnerability netbutik V1 index.php id Script Name : Netbutik Download : www.simpelside.dk Version : version 1 , 2 , 3 ,4 AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] Note This script have 4 version on demo and users table have diffrents names y...

hordeturba-xss.txt

+==========================================================================+ + Horde & Turba Contact Manager & XSS Vulnerabilities + +==========================================================================+ Authors: Ivan Sanchez Product: Turba Contact Manager Web: http://www.horde.org Versions...

Ktools PhotoStore 3.4.3 (gallery.php gid) SQL Injection Vulnerability

No description provided by source. Remote SQL Injection Vulnerability PhotoStore 3.4.3 gallery.php gid Script NAME : PhotoStore VERSION : 3.4.3 DOWNLOAD : http://www.ktools.net/ AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM Email : [email protected] D0rk :: n/a ; ExPlo!t For ADMIN INFO : ===...

SiteBuilderElite 1.2 - Multiple Remote File Inclusions

SiteBuilderElite 1.2 - Multiple Remote File Inclusions --==+================================================================================+==-- --==+ SiteBuilderElite1.2 Multiple Remote File Inclusion +==-- --==+================================================================================+==...

lookstrike-rfilfi.txt

--==+================================================================================+==-- --==+ LookStrike Lan Manager v0.9 Remote\Local File Inclusion +==-- --==+================================================================================+==-- Author: MhZ91 Title: LookStrike Lan Manager v0....

phpcon-rfi.txt

PHP-CON v1.3 include.phpRemote File Inclusion Vulnerability Script : http://sourceforge.net/project/showfiles.php?groupid=182182 POC : /PHPCON/Exchange/include.php?webappcfgAPPPATH= Evil Code...

PHP-CON 1.3 (include.php) Remote File Inclusion Vulnerability

No description provided by source. PHP-CON v1.3 include.phpRemote File Inclusion Vulnerability Script : http://sourceforge.net/project/showfiles.php?groupid=182182 POC : /PHPCON/Exchange/include.php?webappcfgAPPPATH= Evil Code...

PHP-CON 1.3 (include.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================= PHP-CON 1.3 include.php Remote File Inclusion Vulnerability ============================================================= PHP-CON v1.3 include.phpRemote File Inclusion...

patBBcode 1.0 bbcodeSource.php Remote File Inclusion Vulnerability

No description provided by source. Link to download: http://www.php-tools.net/site.php?file=patBBCode/overview.xml Vuln file: examples\patExampleGen\bbcodeSource.php Vuln code: if !isset $GET'example' die 'No example selected.' ; $exampleId = $GET'example'; obstart; // make the example think it's...

phpFFL PHPFFL_File_Root参数远程文件包含漏洞

phpFFL是一款基于PHP的WEB应用程序。 phpFFL不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'PHPFFLFileRoot'参数缺少过滤，指定远程服务器上的任意文件作为包含对象，可导致以WEB权限执行任意PHP代码。 phpFFL 1.24 目前没有解决方案提供： http://www.phpffl.com/ http://www.example.com/phpffl/phpfflwebfiles/programfiles/livedraft/livedraft.php?PHPFFLFILEROOT= Evil Cod...