142 matches found
WordPress Woopra plugin remote PHP arbitrary code execution exploit.
No description provided by source. Exploit Title: woopra plugins execute arbitrary PHP code Exploit Google Dork: inurl:/plugins/woopra/inc/php-ofc-library , inurl:wp-content/plugins/woopra/inc/ Date: 06-10-2013 Exploit Author: wantexz Vendor Homepage:wordpress.org/plugins/woopra/ Software Link:...
Mandrake Linux Security Advisory : xpdf (MDKSA-2000:041-1)
There is a potential race condition when using tmpnam and fopen in xpdf versions prior to 0.91. This exploit can be only used as root to overwrite arbitrary files if a symlink is created between the calls to tmpname and fopen. There is also a problem with malicious URL-type links in PDF documents...
phpcms-exp 0day-vulnerability warning-the black bar safety net
Reprinted from dis9.com ---------------------- ? php errorreportingEERROR; settimelimit0; $keyword=’inurl:about/joinus’ ; // batch keywords $timeout = 1; $stratpage = 1; $lastpage = 1 0 0 0 0 0 0 0; for $i=$stratpage ; $i=$lastpage ; $i++ $array=ReadBaiduList$keyword,$timeout,$i; foreach $array a...
kuwebs cool the weft enterprise website management system to discover the source code of built-in Backdoor-vulnerability warning-the black bar safety net
Disclosure of status: 2012-02-17: positive contact vendors and wait for manufacturers to claim, details not open to the public 2012-02-17: the vendors have actively ignored vulnerabilities, the details disclosed to the public Brief description: The source code in the presence of a get back the...
CMSmini 0.2.2 Local File Inclusion
Exploit for php platform in category web applications Exploit Title: CMSmini 0.2.2 Local File Inclusion Date: 2011.10.20 Author: I2Sec5-BSK Software Link: http://sourceforge.net/projects/cmsmini/ Version: CMSmini 0.2.2 Tested on: Windows XP --------------------------------------------------...
VMCPlayer 1.0 Denial of Service
Exploit for windows platform in category dos / poc done by BraniX www.hackers.org.pl found: 2011.03.22 published: 2011.03.22 tested on: Windows XP SP3 Home Edition App: VMCPlayer 1.0 App Url: http://files.videomobileconverter.com/vmcplayer.exe VMCPlayer.exe MD5: 8a98ffbb404731f8f5ffbf3eaf30a327...
VMCPlayer 1.0 Denial Of Service
done by BraniX www.hackers.org.pl found: 2011.03.22 published: 2011.03.22 tested on: Windows XP SP3 Home Edition App: VMCPlayer 1.0 App Url: http://files.videomobileconverter.com/vmcplayer.exe VMCPlayer.exe MD5: 8a98ffbb404731f8f5ffbf3eaf30a327 VMCPlayer can be DoS'ed in two or probably more ways...
MetInfo 2.0 PHP代码注入漏洞
MetInfo企业网站管理系统是一个功能完善的营销型企业网站管理平台,PHP+MYSQL架构 MetInfo 2.0的/include/common.inc.php文件第132行: evalbase64decode$class2all10; $class2all10变量未初始化,因此我们可以控制其值,进行代码注入的利用。 MetInfo 2.0 SEBUG临时解决方法: 对$class2all10变量进行初始化 厂商补丁: metinfo ----- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.metinfo.cn...
Поиск уязвимостей в веб приложениях
В этой статье я собрал интересные на мой взгляд ошибки в php скриптах. Но для начала, описание некоторых параметров PHP-интерпретатора: Цитата: registerglobals = ON - все переменные регистрируются как глобальные; magicquotesgpc = ON - в массивах POST, GET, COOKIE экранируются кавычки и опасные...
School Data Navigator (page) Local/Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ====================================================================== School Data Navigator page Local/Remote File Inclusion Vulnerability ======================================================================...
Podcast Generator 1.2 - 'GLOBALS[]' Multiple Vulnerabilities
++ | Podcast Generator RFI | | | magicquotesgpc=off -- LFI | +-------------------------+-----------------------------------------------------------+ | delete.php?GLOBALSamilogged=true&file&GLOBALSabsoluteurl= | | admin.php?p=admin&GLOBALSabsoluteurl= | |...
Webboard <= v.2.90 beta Remote File Disclosure Vulnerability
No description provided by source. Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends ============================================================= There...
Webboard 2.90 Beta File Disclosure
Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends ============================================================= There are 3 vulnerable calls to fopen in...
Webboard <= v.2.90 beta Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ============================================================ Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================ Webboard = v.2.90 beta Remote File Disclosure Vulnerabili...
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends ============================================================= There are 3 vulnerable calls to fopen in...
212Cafe WebBoard 2.90 Beta - Remote File Disclosure
212Cafe WebBoard 2.90 Beta - Remote File Disclosure Webboard = v.2.90 beta Remote File Disclosure Vulnerability ============================================================= Author: MrDoug Email: mrdoug13 at gmail dot com Greetz to all my friends...
Zoom Player Pro 3.30 - .m3u Local Buffer Overflow (SEH)
Zoom Player Pro 3.30 - .m3u Local Buffer Overflow SEH ?php / Zoom Player Pro v.3.30 .m3u file buffer overflow exploit seh by Nine:Situations:Group::surfista seems the same of http://secunia.com/advisories/28214/ bug found by Luigi Auriemma no full working exploit out, so I made my test version / ...
Coppermine Photo Gallery 1.4.19 File Upload
Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the anti-registerglobals security can b...
Gallery Kys 1.0 Admin Password Disclosure / Permanent XSS Vulns
No description provided by source. START 0x01 Informations: Script : Gallery Kys 1.0 Download : http://www.advancescripts.com/djump.php?ID=6285 Vulnerability : Admin Password Disclosure / Permanent XSS Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org 0x02 Bug: Admin Passwor...
Gallery Kys 1.0 - Admin Password Disclosure Persistent Cross-Site Scripting
Gallery Kys 1.0 - Admin Password Disclosure Persistent Cross-Site Scripting START 0x01 Informations: Script : Gallery Kys 1.0 Download : http://www.advancescripts.com/djump.php?ID=6285 Vulnerability : Admin Password Disclosure / Permanent XSS Author : Osirys Contact : osirysatlivedotit Website :...