ASPired2Quote (quote.mdb) Remote Database Disclosure Vulnerability

No description provided by source. --------------------------------------------------------- Portal Name: ASPired2Quote Vendor : http://thenetguys.us/Home/Quote.asp Author : PouyaServer , [email protected] Vulnerability : DD --------------------------------------------------------- DD:...

z1exchange-sqlxss.txt

--------------------------------------------------------- Portal Name: z1exchange Download : http://1scripts.net/scripts/z1exchange.zip Author : PouyaServer , [email protected] Vulnerability : SQL,XSS --------------------------------------------------------- SQL:...

Ocean12 Mailing List Manager Gold - File Disclosure / SQL Injection / Cross-Site Scripting

--------------------------------------------------------- Portal Name: Ocean12 Mailing List Manager Gold Vendor : http://ocean12tech.com/products/o12mailgold Author : PouyaServer , [email protected] Vulnerability : DD,SQL,XSS --------------------------------------------------------- DD:...

sfshotornot-sql.txt

SFS EZ Hot or Notviewcomments.php?phid Remote SQL Injection Vulnerability =============================================================== ---------------------------------------------------------------- script : SFS EZ Hot ot Not script : http://www.scripts-for-sites.info Risk : High...

ayeview220-dos.txt

Name : AyeView v2.20 malformed gif image DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, all from dark-coders and others; PoC: !/usr/local/bin/pe...

FastStone Image Viewer 3.6 - '.BMP' Image Crash

Name : FastStone Image Viewer v3.6 malformed bmp image DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.FastStone.org Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, all from dark-coders and others; PoC:...

AyeView 2.20 - .GIF Image Local Crash

AyeView 2.20 - .GIF Image Local Crash Name : AyeView v2.20 malformed gif image DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, all from dark-code...

AyeView 2.20 (malformed gif image) Local Crash Exploit

No description provided by source. Name : AyeView v2.20 malformed gif image DoS Exploit Credit : suN8Hclf DaRk-CodeRs Group, [email protected] Download: : http://www.ayeview.com/downloads.htm Greetz : Luigi Auriemma, 0in, cOndemned, e.wiZz!, Gynvael Coldwind, Katharsis, all from dark-coders...

fuzzylime (cms) 3.01 Remote Command Execution Exploit

No description provided by source. !/usr/bin/perl fuzzylime 3.0.1 Perl exploit discovered & written by Ams [email protected] DESCRIPTION: There are availability to load files through script rss.php, and also there are unfiltered extract; usage. This exploit creates shell in...

sunshop-blindsql.txt

!/usr/bin/perl -w use LWP::UserAgent; scripts : SunShop Version 3.5.1 Remote Blind Sql Injection scripts site : http://www.turnkeywebtools.com/sunshop/ Discovered By : irvian site : http://irvian.cn email : [email protected] print "\r\n+-----------------------------------------+\r\n"; print...

EQDKP 1.3.2f (user_id) Authentication Bypass (PoC)

No description provided by source. ?php // EQDKP 1.3.2f Authentication Bypass PoC // [email protected] $data'autologinid' = 'x'; $data'userid' = "1' " . "UNION SELECT " . "1, " . // userid "'a', " . // username "'x', " . // userpassword &nbsp...

adv94-K-159-2008.txt

ECHOADV94$2008 ----------------------------------------------------------------------------------------- ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran Addahroni...

DivX Player 6.7 - '.srt' File Subtitle Parsing Buffer Overflow

// Exploit.cpp : Defines the entry point for the console application. // include "stdafx.h" / DivX Player =6.7 srt subtitle parsing exploit Coded by [email protected] Tested on Windows XP SP2 + DivX Player 6.7.0 Credit to securfrog for his PoC Actually this exploit is not relevant to DivX 6.6....

Aztech ADSL2/2+ 4 Port default password

Playing around with the configuration files will reveal…..even though the admin accounts password has been changed, there is still another administrative account burried in there. username: isp password: isp Sneaks one past [email protected] http://www.elitter.net...

rxmaxsoft-sql.txt

Provozováno na RS MAXSOFT SQL-Injection PAGE:http://redakcni-system.maxsoft.cz/ AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : "RS MAXSOFT" DORK 2 : "Provozováno na RS MAXSOFT" you will see...

koobiprogal-sql.txt

Koobi Pro V6.25 gallerygalid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: galid "index.php?p=gallerypic" EXPLOiT :...

Dream4 Koobi Pro 6.25 Showimages - galid SQL Injection

Dream4 Koobi Pro 6.25 Showimages - galid SQL Injection Koobi Pro V6.25 showimages galid AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: "index.php?area"galid EXPLOiT :...

joomlacinema-sql.txt

Joomla Component comcinema SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAiL : [email protected] DORK 1 : allinurl: "comcinema" EXPLOiT 1 :...

Joomla! Component Acajoom 1.1.5 - SQL Injection

Joomla Component comacajoom SQL Injection Author: fataku Mail : [email protected] Dorks 1 : inurl:"comacajoom" mailingid Sploit:...

xoopsdict-sql.txt

XOOPS Module dictionary0.94-0.91-0.70SQL Injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 MAİL : [email protected] DORK 1 : allinurl: "modules/dictionary" DORK 2 : allinurl: "modules/dictionary/print.php?id" EXPLOIT :...