5 matches found
F3Site <= 2.1 - Remote Code Execution Exploit
No description provided by source. ? // //Kacper & str0ke Settings $exploitname = F3Site = 2.1 Remote Code Execution Exploit; $scriptname = F3Site 2.1; $scriptsite = http://dhost.info/compmaster/; $dork = 'Powered by F3Site'; //to work exploit you need admin session, and cookies prefix // print '...
Cross site scripting
Cross-site scripting XSS vulnerability in the news comment functionality in F3Site 2.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the Autor field...
CVE-2007-0763
CVE-2007-0763 is an XSS vulnerability in the news comment functionality of F3Site (versions 2.1 and earlier), exploitable via the Autor field to inject arbitrary script/HTML. The affected component is the news comments input processing; root cause is improper input handling leading to script exec...
CVE-2007-0764
CVE-2007-0764 concerns an unrestricted file upload in F3Site 2.1 and earlier . The vulnerability allows a remote authenticated administrator to upload and execute arbitrary PHP scripts by abusing a GIF86 header in a file passed via the uplf parameter , with the file later retrievable through a re...
F3Site 2.1 - Remote Code Execution
? // //Kacper & str0ke Settings $exploitname = "F3Site = 2.1 Remote Code Execution Exploit"; $scriptname = "F3Site 2.1"; $scriptsite = "http://dhost.info/compmaster/"; $dork = '"Powered by F3Site"'; //to work exploit you need admin session, and cookies prefix // print ' ::::::::: :::::::::: ::: :...