51 matches found
EUVD-2008-6742
Malware in sbrugna...
Ramui Web Hosting Directory Script 4.0 RFI
Title: Ramui web hosting directory script 4.0 Remote File Include Vulnerability Author: bd0rk Twitter: twitter.com/bd0rk Vendor: http://www.ramui.com Download: http://ramui.com/directory-script/download-v4.html Proof-of-Concept: /gb/include/connection.php lines 6-13 in php-sourcecode class...
PHP Hosting Directory 2.0 Database Disclosure Exploit (.py)
No description provided by source. !/usr/bin/env python -- coding:cp1254 -- ''' Title : PHP Hosting Directory 2.0 Database Disclosure Exploit .py Author : ZoRLu / http://inj3ct0r.com/author/577 mail-msn : [email protected] Down. Script : - Proof :...
SoftBiz Web Hosting Directory Script 1.1 review.php sbres_id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...
SoftBiz Web Hosting Directory Script 1.1 search_result.php cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...
SoftBiz Web Hosting Directory Script 1.1 browsecats.php cid Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/15561/info Softbiz Web Host Directory Script is prone to multiple SQL injection vulnerabilities. These issues occur because the application fails to properly sanitize user-supplied input before using it in an SQL query...
Hosting Directory CSRF Vulnerability
Exploit for php platform in category web applications Exploit Title: Hosting Directory CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/hosting-directory-script/27433/ Category:: webapps Demo : http://www.e-soft24.com/scripts/hosting-directory/admin Greetz: Inj3ct...
PHP Hosting Directory 2.0 Database Disclosure
!/usr/bin/env python -- coding:cp1254 -- ''' 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit Database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site :...
PHP Hosting Directory 2.0 - Database Disclosure (Python)
PHP Hosting Directory 2.0 - Database Disclosure Python !/usr/bin/env python -- coding:cp1254 -- ''' Title : PHP Hosting Directory 2.0 Database Disclosure Exploit .py Author : ZoRLu / http://inj3ct0r.com/author/577 mail-msn : [email protected] Down. Script : - Proof :...
PHP Hosting Directory 2.0 - Database Disclosure
!/usr/bin/env python -- coding:cp1254 -- ''' Title : PHP Hosting Directory 2.0 Database Disclosure Exploit .py Author : ZoRLu / http://inj3ct0r.com/author/577 mail-msn : [email protected] Down. Script : - Proof : http://img214.imageshack.us/img214/2407/directory.jpg Tested : Windows XP...
PHP Hosting Directory 2.0 background verification bypass vulnerability and fix-vulnerability warning-the black bar safety net
PHP Hosting Directory 2.0 program background verification is not strictly, can lead to bypass the password verification sign in the background. Google: "powered by PHP Hosting Directory 2.0" Default background:http://127.0.0.1/admin Use method: Do not need to enter any password, through cookies...
PHP Hosting Directory 2.0 background verification bypass vulnerability-vulnerability warning-the black bar safety net
PHP Hosting Directory 2.0 program background verification is not strictly, can lead to bypass the password verification sign in the background. Google: "powered by PHP Hosting Directory 2.0" Default background:http://127.0.0.1/admin Use method: Do not need to enter any password, through cookies...
PHP Hosting Directory 2.0 Insecure Cookie
----------------------------------------------------------------------- o X .@% @@@ @ @ @@ %X X@ @ @X% @X% X@ X@ o@ o X o @ % % X @ X X X@ X X % @o @%o @o% X @ % X.@@ o @o@ @ @XX X@ @ X @% X% %@@ X -----------------------------------------------------------------------...
PHP Hosting Directory 2.0 Admin Password Bypass Vulnerability
Exploit for php platform in category web applications ============================================================= PHP Hosting Directory 2.0 Admin Password Bypass Vulnerability ============================================================= Author: ruinerblackhat Version: Versin 2 My Group Web:...
Sql injection
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...
CVE-2008-6940
CVE-2008-6940 affects TurnkeyForms Web Hosting Directory. The vulnerability stems from insufficient access control that allows remote attackers to access sensitive data stored under the web root, specifically enabling retrieval of a database backup via a direct request to admin/backup/db. The con...
CVE-2008-6941
The CVE-2008-6941 entry concerns a SQL injection in the login function of TurnkeyForms Web Hosting Directory, allowing remote attackers to execute arbitrary SQL commands via the password field. The NVD data indicates a high impact with a base score of 7.5 (Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P). Con...
CVE-2008-6939
TurnkeyForms Web Hosting Directory allows remote attackers to bypass authentication and 1 gain administrative privileges by setting the adm cookie to 1 or 2 gain privileges as another user by setting the logged cookie to the target username...
CVE-2008-6941
SQL injection vulnerability in the login functionality in TurnkeyForms Web Hosting Directory allows remote attackers to execute arbitrary SQL commands via the password field...