Lucene search
+L

209 matches found

Exploit DB
Exploit DB
added 2006/04/10 12:0 a.m.37 views

phpList 2.10.2 - 'GLOBALS[]' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on this works against registerglobals=On \r\n"; echo "a dork: inurl:"lists/?p=subscribe" | inurl:"lists/index.php?p=subscribe"\r\n"; echo " -ubbi phplist\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path cmd OPTIONS\r\n"; echo "host: target server...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/04/06 12:0 a.m.26 views

phpMyChat 0.15.0dev - SYS enter Remote Code Execution

phpMyChat 0.15.0dev - SYS enter Remote Code Execution !/usr/bin/php -q -d shortopentag=on works with magicquotesgpc=Off\r\n\r\n"; echo "dork: intext:"2000-2001 The phpHeaven Team" -sourceforge\r\n\r\n"; if $argc4 echo "Usage: php ".$argv0." host path cmd OPTIONS\r\n"; echo "host: target server...

0.4AI score
Exploits0
NVD
NVD
added 2005/12/31 5:0 a.m.16 views

CVE-2005-4700

TellMe 1.2 and earlier, when the Server oServer and HEAD oHead options are enabled, allows remote attackers to obtain sensitive information via an invalid qHost parameter, which reveals the full pathname of the application in an fsockopen error message...

5CVSS6.2AI score0.01531EPSS
Exploits1References5
seebug.org
seebug.org
added 2005/09/07 12:0 a.m.27 views

PBLang <= 4.65 Remote Command Execution Exploit (2)

No description provided by source. ?php | | | PBLang = 4.65 remote commands exec exploit | | tested on 4.65 | | coded by Pengo 2005 RST/GHC | | http://rst.void.ru | | http://ghc.ru | | | WARNING! This exploit is successfully work when magicquotesrpc off = D:\httpd\phpphp.exe ..\www\r57pblang465.p...

7.1AI score
Exploits0
0day.today
0day.today
added 2005/06/25 12:0 a.m.111 views

UBB Threads < 6.5.2 Beta (mailthread.php) SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== UBB Threads Alphaprogrammer , Oilkarchack , TheCephaleX , Str0ke And Iranian Hacking & Security Teams : IHS TeaM , alphaST , Shabgard Security Team , Emperor Hacking Team ,...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2005/06/17 12:0 a.m.25 views

Claroline e-Learning &lt;= 1.6 Remote Hash SQL Injection Exploit

No description provided by source. ?php T r a p - S e t U n d e r g r o u n d H a c k i n g T e a m Vulnerable: Claroline E-Learning Application Exploit By : MHp0rtal Discovered By: Sieg Fried Gr33tz To == Alphaprogrammer , Oilkarchack , DrCephaleX , Str0ke And Iranian Hacking & Security Teams :...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2005/06/08 12:0 a.m.47 views

Invision Power Board 1.3.1 - &#039;login.php&#039; SQL Injection

?php / = 1.3.1 Final /str0ke / $server = "SERVER"; $port = 80; $file = "PATH"; $target = 81; / User id and password used to fake-logon are not important. '10' is a random number. / $id = 10; $pass = ""; $hex = "0123456789abcdef"; for$i = 1; $i = 32; $i++ $idx = 0; $found = false; while !$found...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/05/24 12:0 a.m.318 views

Fusionphp Fusion News 3.33.6 - X-Forworded-For PHP Script Code Injection

Fusionphp Fusion News 3.33.6 - X-Forworded-For PHP Script Code Injection source: https://www.securityfocus.com/bid/13661/info FusionPHP Fusion News is prone to a remote PHP code injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Th...

Exploits0
securityvulns
securityvulns
added 2005/05/17 12:0 a.m.87 views

Fusion News v3.6.1 - remote shell exploit

? $copyr = " !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! oooo...oooo.oooooooo8.ooooooooooo .8888o..88.888........88..888..88 .88.888o88..888oooooo.....888 .88...8888.........888....888 o88o....88.o88oooo888....o888o Network security team nst.void.ru Title: Fusion News v3.6.1...

7.1AI score
Exploits0
Rows per page
Query Builder