CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

exploitpack•added 2009/12/19 12:0 a.m.•8 views

CFAGCMS - SQL Injection

CFAGCMS - SQL Injection Exploit Title: CFAGCMS SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/project/showfiles.php?groupid=197936 Version: N/A Tested on: GNU/LINUX Code right.php $title = $GET'title'; $query = "SELECT FROM pages WHERE title =...

0.4AI score

exploitpack•added 2009/12/19 12:0 a.m.•11 views

Lizard Cart - Multiple SQL Injections

Lizard Cart - Multiple SQL Injections Exploit Title: Lizard Cart Multiple SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/lizardcart/ Version: N/A Tested on: GNU/LINUX Code detail.php $dbResult = mysqlquery"select from products where id='$id'"...

0.2AI score

Exploit DB•added 2009/12/19 12:0 a.m.•34 views

CFAGCMS - SQL Injection

Exploit Title: CFAGCMS SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/project/showfiles.php?groupid=197936 Version: N/A Tested on: GNU/LINUX Code right.php $title = $GET'title'; $query = "SELECT FROM pages WHERE title = '".$title."'"; $result =...

Exploit DB•added 2009/12/19 12:0 a.m.•42 views

3Com OfficeConnect Routers - Remote Denial of Service

Model - Tested on 3Com OfficeConnect ADSL Wireless 11g Firewall Router 3CRWDR100A-72 and 3CRWDR100Y-72 Software Version - Tested on 2.06T13 Apr 2007, last version for these routers Attacker - Tested from GNU/Linux Sidux and Ubuntu Exploit languaje - Ruby Type - Remote Denial of Service Exploit by...

seebug.org•added 2009/12/19 12:0 a.m.•13 views

Ptag <= 4.0.0 Multiple RFI Exploit

No description provided by source. Exploit Title: Ptag = 4.0.0 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/ptag/ Version: N/A Tested on: GNU/LINUX Code session.php ?php //Plottable Tagboard Systems Version 4.0.0 - ROLAND //Session handling...

seebug.org•added 2009/12/19 12:0 a.m.•7 views

Lizard Cart Multiple SQL Injection Exploit

No description provided by source. Exploit Title: Lizard Cart Multiple SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/lizardcart/ Version: N/A Tested on: GNU/LINUX Code detail.php $dbResult = mysqlquery"select from products where id='$id'"; P...

exploitpack•added 2009/12/19 12:0 a.m.•16 views

Saurus CMS 4.6.4 - Multiple Remote File Inclusions

Saurus CMS 4.6.4 - Multiple Remote File Inclusions Exploit Title: SaurusCMS = 4.6.4 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://www.saurus.info Version: N/A Tested on: GNU/LINUX Code class.writeexcelworkbook.inc.php global $classpath; requireonce...

0.3AI score

exploitpack•added 2009/12/19 12:0 a.m.•8 views

FestOs 2.2.1 - Multiple Remote File Inclusions

FestOs 2.2.1 - Multiple Remote File Inclusions Exploit Title: FestOs $reports header"Location:index.php"; include "includes/reportheader.php"; ? 3xplo!t : festospath/admin/reportsplacement.php?ABSOLUTEFILEPATH=Shell Code : FestOS.php requireonce$config'ABSOLUTEFILEPATH'."core/sessions.php"; 3xplo...

0.1AI score

0day.today•added 2009/12/19 12:0 a.m.•25 views

CFAGCMS SQL Injection Exploit

Exploit for unknown platform in category web applications ============================= CFAGCMS SQL Injection Exploit ============================= Exploit Title: CFAGCMS SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link:...

Exploit DB•added 2009/12/19 12:0 a.m.•31 views

Saurus CMS 4.6.4 - Multiple Remote File Inclusions

Exploit Title: SaurusCMS = 4.6.4 Multiple RFI Exploit Date: 19-12-2009 Author: cr4wl3r Software Link: http://www.saurus.info Version: N/A Tested on: GNU/LINUX Code class.writeexcelworkbook.inc.php global $classpath; requireonce $classpath."excel/class.writeexcelbiffwriter.inc.php"; requireonce...

Exploit DB•added 2009/12/19 12:0 a.m.•30 views

Lizard Cart - Multiple SQL Injections

Exploit Title: Lizard Cart Multiple SQL Injection Exploit Date: 20-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/lizardcart/ Version: N/A Tested on: GNU/LINUX Code detail.php $dbResult = mysqlquery"select from products where id='$id'"; PoC lizardcartpath/detail.php?id=SQL...

7AI score

Packet Storm•added 2009/12/18 12:0 a.m.•15 views

gpEasy 1.5RC3 Remote File Inclusion

Exploit Title: gpEasy = 1.5RC3 Remote FIle Include Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/gpeasy/files/ Version: N/A Tested on: GNU/LINUX Code adminpassword.php : requireonce$GLOBALS'rootDir'.'/include/admin/adminusers.php'; 3xplo!t :...

0.4AI score

0day.today•added 2009/12/18 12:0 a.m.•19 views

gpEasy <= 1.5RC3 Remote FIle Include Exploit

Exploit for unknown platform in category web applications ============================================ gpEasy = 1.5RC3 Remote FIle Include Exploit ============================================ Exploit Title: gpEasy = 1.5RC3 Remote FIle Include Exploit Date: 18-12-2009 Author: cr4wl3r Software Link...

Packet Storm•added 2009/12/18 12:0 a.m.•18 views

F3Site2009 Local File Inclusion

Exploit Title: F3Site2009 Multiple LFI Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/f3site/ Version: N/A Tested on: GNU/LINUX Code poll.php : iffileexists'./cache/poll'.$GLOBALS'nlang'.'.php': include'./cache/poll'.$GLOBALS'nlang'.'.php'; 3xplo!t :...

seebug.org•added 2009/12/18 12:0 a.m.•9 views

gpEasy <= 1.5RC3 Remote FIle Include Exploit

No description provided by source. Exploit Title: gpEasy = 1.5RC3 Remote FIle Include Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/gpeasy/files/ Version: N/A Tested on: GNU/LINUX Code adminpassword.php :...

seebug.org•added 2009/12/18 12:0 a.m.•10 views

F3Site2009 Multiple LFI Exploit

No description provided by source. Exploit Title: F3Site2009 Multiple LFI Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://code.google.com/p/f3site/ Version: N/A Tested on: GNU/LINUX Code poll.php : iffileexists'./cache/poll'.$GLOBALS'nlang'.'.php':...