PHP::HTML 0.6.4 (phphtml.php) Remote File Inclusion Vulnerability

No description provided by source. phphtml v 0.6.4 FOUND BY : o0xxdark0o Website: http://www.sitellite.org/ DOWNLOAD : http://sourceforge.net/projects/phphtml REMOTE FILE INCLUDE FILE : PATH\phphtml.php EXP: xxx.com\path\phphtml.php?htmlclasspath=SH3ll.txt? CODE: on line 19 ? define PHPHTMLVERSIO...

apache mod rewrite exploit (win32)

No description provided by source. / apache mod rewrite exploit win32 By: fabio/b0x oc-192, old CoTS member Vuln details: http://www.securityfocus.com/archive/1/archive/1/443870/100/0/threaded Code: bind shell on port 4445, tested on apache 2.0.58 with modrewrite windows 2003...

tomcat XSS in example webapps

Cross-site scripting XSS vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via the time parameter to cal2.jsp and possibly...

Ol Bookmarks Manager 0.7.4 Remote SQL Injection Vulnerability

No description provided by source. ========================================================================== Ol Bookmarks Manager 0.7.4 root Remote SQL Injection Vulnerabilities ========================================================================== Found by: Cyber-Security...

Zomplog <= 3.8 (mp3playlist.php speler) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/python ---------------------------------------------------------------------------------- The sql injection : /zomplog-3.8/plugins/mp3playlist/mp3playlist.php?speler=sql I've code a sploit for the fun x...

Ol BookMarks Manager 0.7.4 - SQL Injection

========================================================================== Ol Bookmarks Manager 0.7.4 root Remote SQL Injection Vulnerabilities ========================================================================== Found by: Cyber-Security...

PHPGlossar Format_Menue远程文件包含漏洞

PHPGlossar是一款基于PHP的WEB应用程序。 PHPGlossar不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'formatmenue'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 PHPGlossar 0.8 目前没有解决方案提供： http://www.crear.de/2003/dienste/phpdownloadlinks0.6/loadpage.php?uid=7...

Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities

Apache Tomcat 6.0.10 - Documentation Sample Application Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/24058/info Apache Tomcat's documentation web application includes a sample application that is prone to multiple cross-site scripting vulnerabilities...

PHPGlossar 0.8 - 'format_menue' Remote File Inclusion

?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ????????????????????????????????????? ???????????????????????????????????????...

phpAtm 1.30 (downloadfile) Remote File Disclosure Vulnerability

No description provided by source. download page in : http://phpatm.free.fr/ bug in : phpatm injection attack : index.php?action=downloadfile&filename=index.php&directory=../& Dork in google : "powered by php advanced transfer manager" example :...

phpAtm 1.30 - 'downloadfile' Remote File Disclosure

download page in : http://phpatm.free.fr/ bug in : phpatm injection attack : index.php?action=downloadfile&filename=index.php&directory=../& Dork in google : "powered by php advanced transfer manager" example :...

Sun Microsystems Solaris SRSEXEC 3.2.x - Arbitrary File Read Local Information Disclosure

source: https://www.securityfocus.com/bid/23915/info Sun Microsystems Solaris is prone to a local information-disclosure vulnerability due to a design error. A local attacker may exploit this issue to access sensitive information, including superuser password information, that may lead to further...

tomcat manager example DoS

Multiple cross-site scripting XSS vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 el/functions.jsp, 2 el/implicit-objects.jsp, and 3 jspx/textRotate.jspx in examples/jsp2/, as demonstrated via...

phpcoupon-sql.txt

============================================== PHP Coupon Script 3.0 Remote SQL Injection ============================================== Found: Cyber-Security.org ============================================== Script site: http://www.couponscript.com/ =============================================...

preshop-sql.txt

============================================== Pre Shopping Mall v1.0 Remote SQL Injection ============================================== Found: Cyber-Security.org ============================================== Exploit:...

pnflash-sql.txt

============================================================ PostNuke pnFlashGames Module v1.5 REmote SQL Injection ============================================================ Bulan: xoron xoron.biz + Love's the funeral of hearts The funeral of hearts And a plea for mercy When love is a gun...

PHPBandManager 0.8 - 'index.php?pg' Remote File Inclusion

author:koray greetz:cigicigi.net script:http://sourceforge.net/projects/phpbandmanager allowurlfopen:on or registerglobals:on vuln; /bandmanager/suite/index.php include$GET'pg'.".php"; example; http://www.victim.com/suite/index.php?pg=shell link? milw0rm.com 2007-04-26...

PHP Turbulence Turbulence.PHP远程文件包含漏洞

PHP Turbulence是一款基于PHP的WEB应用程序。 PHP Turbulence不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Turbulence.PHP'脚本对用户提交的'GLOBALStcore'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 PHP Turbulence 0.0.1 alpha 目前没有解决方案提供： http://turbulence.sourceforge.net/...

SunShop Shopping Cart 3.5/4.0 (abs_path) RFI Vulnerabilities

No description provided by source. sunshop 4 index.php Remote File Include Vulnerability ----------------------------------------------------------------------------------------- scripts : SunShop v3.5/4.0 Discovered By : irvian scripts site : http://www.turnkeywebtools.com/sunshop/ Thanks To :...

RicarGBooK 1.2.1 (header.php lang) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== RicarGBooK 1.2.1 header.php lang Local File Inclusion Vulnerability =====================================================================...