8 matches found
EUVD-2006-0486
Malware in sbrugna...
XAMPP 1.6.8 - (CSRF) Change Administrative Password Exploit
No description provided by source. XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads...
Destoon 20140530最新版超全局变量覆盖导致的安全问题(官方demo演示)
简要描述: 短时间没找到合适的注入 找了个任意文件读取发上来了 详细说明: 代码片段0x1 /common.inc.php行17 None 这里用$GET配合上传unset了$FILES然后在extract$POST的时候重新初始化了$FILES 随便选个文件提交拦下数据包 修改 Content-Disposition: form-data; name="file"; filename="" 中的filename字段为空 如图就返回了我们要读取的文件了 漏洞证明:...
Coppermine Photo Gallery 1.4.19 - Remote File Upload
Coppermine Photo Gallery 1.4.19 - Remote File Upload Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The...
Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Coppermine Photo Gallery 1.4.19 Remote PHP File Upload Vulnerability ==================================================================== Written By Michael Brooks...
Coppermine Photo Gallery 1.4.19 - Remote File Upload
Written By Michael Brooks Special thanks to str0ke! Coppermine Photo gallery - Remote PHP File Upload Affects: v1.4.19 Homepage: http://coppermine-gallery.net/ 5,239,057 downloads from sf.net! For this attack we need registerglobals=on . The problem is that the anti-registerglobals security can b...
XAMPP 1.6.8 (XSRF) Change Administrative Password Exploit
No description provided by source. XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads...
XAMPP 1.6.8 Password Exploit
XAMPP change administrative password: -------------------------------------------------------------------------------- Written by Michael Brooks special thanks to str0ke Affects XAMPP 1.6.8. homepage: http://www.apachefriends.org/ XAMPP has 17+ million downloads from sourceforge.net...