Ksemail (index.php language) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discoverd by dun \ dunatstrcpy.eu Ksemail Local File Include Vulnerability Script site: http://www.ksemail.com/,...

mybbcp-sql.txt

MyBulletin Board MyBB Plugin "Custom Pages 1.0" - SQL Injection Vulnerability found by: LidlosesAuge Contact ICQ: 120946783 Greetz to: free-hack.com Vulnerability: Document: pages.php GET-Parameter: page Dork: inurl:"pages.php" + intext:"powered by mybb" Example:...

MyBB Plugin Custom Pages 1.0 Remote SQL Injection Vulnerability

No description provided by source. MyBulletin Board MyBB Plugin "Custom Pages 1.0" - SQL Injection Vulnerability found by: LidlosesAuge Contact ICQ: 120946783 Greetz to: free-hack.com Vulnerability: Document: pages.php GET-Parameter: page Dork: inurl:"pages.php" + intext:"powered by&...

724CMS <= 4.01 Enterprise (index.php ID) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== 724CMS = 4.01 Enterprise index.php ID SQL Injection Vulnerability ==================================================================== 724CMS = 4.01 Enterprise - SQL...

Blog PixelMotion (index.php categorie) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Blog PixelMotion index.php categorie SQL Injection Vulnerability ================================================================== Blog Pixel Motion Sql Injection...

MyBB Plugin Custom Pages 1.0 - SQL Injection

MyBulletin Board MyBB Plugin "Custom Pages 1.0" - SQL Injection Vulnerability found by: LidlosesAuge Greetz to: free-hack.com Vulnerability: Document: pages.php GET-Parameter: page Dork: inurl:"pages.php" + intext:"powered by mybb" Example:...

Cobalt 0.1 - Multiple SQL Injections

---------------------------------------- CoBaLT v1.0 Remote SQL Ä°njection Vulnerabiltiy Discovered : U238 Mail : [email protected] WebPage : http://ugur238.org The End Script: http://www.aspindir.com/indir.asp?ID=5414 Script Alternativ :...

CoBaLT 0.1 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== CoBaLT 0.1 Multiple Remote SQL Injection Vulnerabilities ======================================================== ---------------------------------------- CoBaLT v1.0 Remote SQL...

Wordpress Plugin Download (dl_id) SQL Injection Vulnerability

No description provided by source. Wordpress Plugin Download file Remote SQL Injection Vulnerability Author: BL4CK Mail: [email protected] Dork: inurl:"wp-download.php?dlid=" Example: http://localhost/path/path/path/wp-download.php?dlid=SQL SQL:...

digidomain-xss.txt

Hello i'm re-posting this message from the actual message which was on Tue-29 May 2007 becuase my old message got live example , anyway : Vulnerable : DigiDomain Version: 2.2 web : http://www.digiappz.com XSS : 1- http://site.com/lookup/lookupresult.asp?domain=XSS&tld=.com 2-...

easyclanpage-sql.txt

.-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-. Easy-Clanpage v2.2 gallery Remote SQL Injection Vulnerability .-=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=-. + Author: n3w7u + Mail: [email protected] + Source:...

PHP-Nuke Yellow_Pages Module - &#039;cid&#039; SQL Injection

source: https://www.securityfocus.com/bid/28109/info The YellowPages module for PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

eazyportal-sql.txt

!/usr/bin/perl Vendor url: http://www.eazyportal.com/ by Iron - http://www.randombase.com exploit goes through $COOKIE use LWP::UserAgent; use MIME::Base64; print " EazyPortal ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "User id to retrieve...

SLAED CMS 'index.php'本地文件包含漏洞

BUGTRAQ ID: 27426 CNCAN ID:CNCAN-2008012406 SLAED CMS是一款基于PHP的WEB应用程序。 SLAED CMS不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'index.php'脚本对用户提交的'newlang'参数处理缺少充分过滤，提交本地系统文件作为包含对象，可导致以WEB权限查看系统文件内容。 SLAED CMS 2.5 Lite 厂商解决方案 目前没有详细解决方案提供： http://www.slaed.net/...

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection

ZeroCMS 1.0 Alpha - Arbitrary File Upload SQL Injection | | | / | |\ \ / | / |/ | | | | |/ \ | | | |||| | | /| / / | | Zero CMS Remote Arbitrary File Upload / SQL Injections | | Version: = 1.0 Alpha Last | | Vendor: www.zero-cms.com | | Discovered by: KiNgOfThEwOrLd | | Intro: | | | | An...

zerocms-sql.txt

| | | / | |\ \ / | / |/ | | | | |/ \ | | | |||| | | /| / / | | Zero CMS Remote Arbitrary File Upload / SQL Injections | | Version: = 1.0 Alpha Last | | Vendor: www.zero-cms.com | | Discovered by: KiNgOfThEwOrLd | | Intro: | | | | An attacker can bypass the avatar upload extension filter editing...

WebSihirbazi 5.1.1 (pageid) Remote SQL Injection Vulnerability

No description provided by source. ||---------------------------------------------------------------------- | Title : websihirbazi v5.1.1 Remote Blind SQL Injection Vulnerability| ||---------------------------------------------------------------------- | AUTHOR: bypas |...

Simple HTTPD <= 1.41 (/aux) Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ============================================================ Simple HTTPD = 1.41 /aux Remote Denial of Service Exploit ============================================================ usage: poc.py host port import socket import sys print...

patbb-rfi.txt

Link to download: http://www.php-tools.net/site.php?file=patBBCode/overview.xml Vuln file: examples\patExampleGen\bbcodeSource.php Vuln code: if !isset $GET'example' die 'No example selected.' ; $exampleId = $GET'example'; obstart; // make the example think it's still in the right place chdir '.....

patBBcode 1.0 - &#039;bbcodeSource.php&#039; Remote File Inclusion

Link to download: http://www.php-tools.net/site.php?file=patBBCode/overview.xml Vuln file: examples\patExampleGen\bbcodeSource.php Vuln code: if !isset $GET'example' die 'No example selected.' ; $exampleId = $GET'example'; obstart; // make the example think it's still in the right place chdir '.....