1147 matches found
FlySpray 0.9.7 - 'install-0.9.7.php' Remote Command Execution
works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the good fighter will be terrible in his onset, and prompt in his decision" / short explaination: found this bug in FlySpray, exploiting EGS Enterprise Groupware System 1.0 rc4, see this link for...
DocMGR 0.54.2 - file_exists Remote Command Execution
DocMGR 0.54.2 - fileexists Remote Command Execution works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy i...
SPIP 1.8.2g - Remote Command Execution
SPIP 1.8.2g - Remote Command Execution this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Fighting with a large army under your command is nowise different from fighting with a small one: it is merely a question of instituting...
Clever Copy 3.0 - Admin Auth Details / SQL Injection
this works with magicquotesgpc = Off usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "While heading the profit of my counsel, avail yourself also of any helpful circumstances over and beyond the ordinary rules" errorreporting0; iniset"maxexecutiontime",0;...
HTTP Proxy Detection
Binary data 3389.prm...
creLoaded 6.15 - HTMLAREA Automated Perl
creLoaded 6.15 - HTMLAREA Automated Perl !/usr/bin/perl creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined PHP script or one provided in this script suits most...
creLoaded 6.15 - 'HTMLAREA' Automated Perl
!/usr/bin/perl creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined PHP script or one provided in this script suits most occasions Additional variables to pass to...
creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
No description provided by source. !/usr/bin/perl creLoaded = 6.15 HTMLAREA automated perl exploit hacked up by kaneda [email protected] Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. C...
Ubuntu 4.10 / 5.04 : apache2 vulnerabilities (USN-160-1)
Marc Stern discovered a buffer overflow in the SSL module's certificate revocation list CRL handler. If Apache is configured to use a malicious CRL, this could possibly lead to a server crash or arbitrary code execution with the privileges of the Apache web server. CAN-2005-1268 Watchfire...
cijfer-mnxpl.pl.txt
!/usr/bin/perl Magic News Plus All rights reserved. An input validation flaw exists within 'settings.php' of Magic News Plus which can lead to the changing of the administrative password. Here is where the problem is line 108 of 426: ... 1 elseif $action == "change" ... 2 if $passwd !=...
WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities
The remote host is running WinProxy, a proxy server for Windows. The installed version of WinProxy's HTTP proxy fails to handle long requests as well as requests with long Host headers. An attacker may be able to exploit these issues to crash the proxy or even execute arbitrary code on the affect...
Magic News Plus 1.0.3 - Admin Pass Change
Magic News Plus 1.0.3 - Admin Pass Change !/usr/bin/perl Magic News Plus All rights reserved. An input validation flaw exists within 'settings.php' of Magic News Plus which can lead to the changing of the administrative password. Here is where the problem is line 108 of 426: ... 1 elseif $action ...
Blue Coat WinProxy proxy server multiple vulnerabilities
HTTP proxy buffer overflow and DoS, telnet proxy DoS...
Dev Web Management System <= 1.5 (cat) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications =================================================================== Dev Web Management System this works regardless of magicquotesgpc setting usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Prohibit the taking of...
ProjectForum 4.7.0 vuln.
ProjectForum 4.7.0 vuln. Vuln. dicovered by : r0t Date: 14 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/projectforum-470-vuln.html vendor:http://www.projectforum.com/pf/ affected version:4.7.0 and prior Product Description: ProjectForum provides a professional and easy-to-use...
SimpleBBS 1.1 - Remote Command Execution
this works regardless of magicquotesgpc settings usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "He will win who knows when to fight and when not to fight." errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; echo' SimpleBBS bod...
DoceboLms 2.0.4 - 'connector.php' Arbitrary File Upload
DoceboLMS body background-color:111111; SCROLLBAR-ARROW-COLOR: ffffff; SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: 1CB081; img background-color: FFFFFF !important input background-color: 303030 !important option background-color: 303030 !important textarea background-color: 303030...
AD20051202.txt
WinEggDropShell Multiple Remote Stack Overflow by Sowhat 2005.12.02 http://secway.org/advisory/AD20051202.txt http://secway.org/exploit/wineggdropshellbof.py.txt Affected: WinEggDropShell Eterntiy version 1.7 Other version may be vulnerable toooooo Overview: WinEggDropShell is a popular Chinese R...
Xaraya <= 1.0.0 RC4 create() Denial of Service Exploit
No description provided by source. ?php ---XarayaDOS.php 17.30 28/11/2005 Xaraya =1.0.0 RC4 D.O.S coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Hold out baits to entice the enemy. Feign disorder, and crush him."...
EUVD-2003-1276
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests...