209 matches found
LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection Exploit
No description provided by source. ?php / LinPHA = 1.3.1 newimages.php Remote Blind SQL Injection Hash Fishing Exploit / BENCHMARK method author...: EgiX mail.....: n0b0d1esathotmaildotcom link.....: http://linpha.sourceforge.net/ dork.....: LinPHA Version 1.3.x or The LinPHA developers vulnerabl...
Auto CMS <= 1.8 - Remote Code Execution
No description provided by source. ?php / ===================================== Auto CMS = 1.8 Remote Code Execution ===================================== Author: giudinvx Email: giudinvxatgmaildotcom Date: 10/31/2010 Site: http://www.giudinvx.altervista.org/ Site CMS: http://ventics.com/autocms/...
RoSPORA <= 1.5.0 - Remote PHP Code Injection
No description provided by source. ?php / -------------------------------------------------- RoSPORA = 1.5.0 Remote PHP Code Injection Exploit -------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://code.google.com/p/rospora/ This PoC...
Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code Execution
No description provided by source. ?php / ------------------------------------------------------------------------ Wordpress Zingiri Web Shop Plugin = 2.2.3 Remote Code Execution Exploit ------------------------------------------------------------------------ author...............: Egidio Romano...
FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13661/info FusionPHP Fusion News is prone to a remote PHP code injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This may facilitate unauthorized access. ...
MyCMS <= 0.9.8 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyCMS = 0.9.8 Remote Command Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Host Path C...
FLABER <= 1.1 RC1 Remote Command Execution Exploit
No description provided by source. ?php / -------------------------------------------------- FLABER = 1.1 RC1 Remote Command Execution Exploit -------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://sourceforge.net/projects/flaber -...
LinPHA <= 1.3.3 (maps plugin) Remote Command Execution Exploit
No description provided by source. ?php / -------------------------------------------------------------- LinPHA = 1.3.3 maps plugin Remote Command Execution Exploit -------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit
No description provided by source. ?php / ------------------------------------------------------------------------ PhpWebGallery = 1.7.2 Remote Session Hijacking / Code Execution Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...
MyCMS <= 0.9.8 - Remote Command Execution Exploit (2 method)
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyCMS = 0.9.8 Remote Command Execution Exploit 2 method by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Ho...
Drake CMS <= 0.4.11 Remote Blind SQL Injection Exploit
No description provided by source. ?php / ------------------------------------------------------ Drake CMS = 0.4.11 Remote Blind SQL Injection Exploit ------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://drakecms.sourceforge.net...
phpFox <= 3.0.1 (ajax.php) Remote Command Execution Exploit
No description provided by source. ?php / ----------------------------------------------------------- phpFox = 3.0.1 ajax.php Remote Command Execution Exploit ----------------------------------------------------------- author.............: Egidio Romano aka EgiX mail...............:...
Coppermine Photo Gallery <= 1.4.14 Remote SQL Injection Exploit
No description provided by source. ?php RST/GHC PRIVATE CPG 1.4.10 sql injection exploit Date: 17.05.07 bug: SQL injection in private album function through array indexes with COOKIE errorreporting EERROR; inisetmaxexecutiontime,0; intro; if $argc 4 print Usage: . $argv0 . host dir force table...
PHP-Nuke 7.x Block-Old_Articles.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22037/info PHP-Nuke is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
PHPcounter <= 1.3.2 (index.php name) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/php -q ?php // PHPcounter = 1.3.2 Remote SQL Injection Exploit // Discovered By: StAkeR - StAkeRathotmaildotit // Discovered On: 28/09/2008 // Download: http://sourceforge.net/projects/phpcounter/ errorreporting0; $host = $argv1 or banner; $path = $arg...
Goople <= 1.8.2 (frontpage.php) Blind SQL Injection Exploit
No description provided by source. --+++=========================================================+++-- --+++====== Goople = 1.8.2 Blind SQL Injection Exploit ======+++-- --+++=========================================================+++-- !/usr/bin/php ? function usage echo \n+ Goople = 1.8.2 Blin...
PHP 4/5 Input/Output Wrapper Remote Include Function Command Execution Weakness
No description provided by source. source: http://www.securityfocus.com/bid/10427/info PHP is reportedly affected by an arbitrary command-execution weakness through the PHP 'include' function. This issue is due to a design error that allows the execution of attacker-supplied POST PHP commands whe...
iPlanet 4.1 Web Publisher Remote Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2732/info iPlanet Webserver is an http server product offered by the Sun-Netscape Alliance. By sending a specially crafted request composed of at least 2000 characters it is possible to cause a buffer overflow. This could...
Joomla 1.5.12 read/exec remote files
No description provided by source. ?php / Copyright c ITIX LTD This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option any later...
Community CMS <= 0.4 (/index.php id) Blind SQL Injection Exploit
No description provided by source. --+++==============================================================+++-- --+++====== Community CMS = 0.4 Blind SQL Injection Exploit ======+++-- --+++==============================================================+++-- ?php function query $user, $pos, $chr $query...