8850 matches found
i-Gallery Multiple Vulnerability
Exploit for php platform in category web applications ================================ i-Gallery Multiple Vulnerability ================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /'...
Joomla Component com_mtree <= 1.0 Remote File Include Vulnerability
Exploit for php platform in category web applications =================================================================== Joomla Component commtree = 1.0 Remote File Include Vulnerability =================================================================== InformatioN Title : Joomla Mosets Tree =...
nuBuilder Local File Include and Cross Site Scripting Vulnerabilities
nuBuilder is prone to a local file-include vulnerability and a cross- site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...
NTSOFT BBS E-Market Professional Cross Site Scripting
+================================================================================================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +================================================================================================+ Authors: Ivan Sanchez...
TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow
iSCSI target Multiple Implementations iSNS Stack Buffer Overflow TSL ID: FSC20100701-01 1. Affected Software iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior SCST project iscsi-scst 1.0.1.1 and prior tgt project tgt 1.0.5 and prior References: http://iscsitarget.sourceforge.net/...
Поиск уязвимостей в веб приложениях
В этой статье я собрал интересные на мой взгляд ошибки в php скриптах. Но для начала, описание некоторых параметров PHP-интерпретатора: Цитата: registerglobals = ON - все переменные регистрируются как глобальные; magicquotesgpc = ON - в массивах POST, GET, COOKIE экранируются кавычки и опасные...
DedeCmsV5. 6 local contains another use-vulnerability warning-the black bar safety net
Article author: jannock Continued local contains include/arc.datalist.class.php $codefile = isset$needCode ? $needCode : $cfgsoftlang; iffileexistsDEDEINC.'/ code/datalist.'.$ codefile.'. inc' requireonceDEDEINC.'/ code/datalist.'.$ codefile.'. inc'; Contains this file can contain . inc file type...
PHP Remote File Include Generic Code Execution
This module can be used to exploit any generic PHP file include vulnerability, where the application includes code like the following: This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP Remote...
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
PHP code execution vulnerability-summary-vulnerability warning-the black bar safety net
Reference from:http://php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/index.html A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1....
DEDECMS website management system plus/carbuyaction. php local include vulnerability-vulnerability warning-the black bar safety net
DedeCms based on PHP+MySQL technology development, supporting Windows, Linux, Unix and other server platforms, from the 2 0 0 4 year began to publish the first version began, so far has released five large version. DedeCms in a simple, robust, flexible, open source several features occupied the...
PHPortal 1.2 - 'gunaysoft.php' Remote File Inclusion
Tilte: phportal1.2 gunaysoft.php Remote File Include Vulnerability Author..................: Ma3sTr0-Dz Location ...............: ALGERIA Software ...............: phportal1.2 Impact..................: Remote Advisory ...............: exploit-db.com Site Software ..........:...
PithCMS 'lang' Parameter Local File Include Vulnerability
PithCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the...
PithCMS <= 0.9.5 LFI Vulnerability - Active Check
PithCMS is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Plesk Server Administrator (PSA) - 'locale' Local File Inclusion
source: https://www.securityfocus.com/bid/40813/info Plesk Server Administrator PSA is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrar...
AimEx 3.0 Remote Include Exploit
Exploit for php platform in category web applications ====================================== AimEx 3.0 Remote Include Vulnerability ====================================== AimEx 3.0 Remote Include Exploit Found by sh00t0ut Expl: http://victim/spaw/spawcontrol.class.php?spawroot=evil script...
Joomla Component com_galleryxml Multiple Vulnerabilities
Exploit for php platform in category web applications ======================================================== Joomla Component comgalleryxml Multiple Vulnerabilities ======================================================== Exploit Title: Joomla Component Gallery XML 1.1 Multiple Vulnerabilities...
Pithcms 0.9.5 Local File Include Vulnerability
No description provided by source. Published: 2010-06-17 Pithcms 0.9.5 Local Include ExploitPithcms 0.9.5 Local Include Exploit Found by sh00t0ut Expl: http://victim/oldnewsreader.php?lang=etc/passwd%00...
EZPX photoblog 1.2 beta Remote Include Exploit
Exploit for php platform in category web applications ============================================== EZPX photoblog 1.2 beta Remote Include Exploit ============================================== EZPX photoblog 1.2 beta Remote Include Exploit Vendor Url: http://ezpx.org/ Found by sh00t0ut Expl:...
Nakid CMS 0.5.2 Remote Include Exploit
Exploit for php platform in category web applications ====================================== Nakid CMS 0.5.2 Remote Include Exploit ====================================== Nakid CMS 0.5.2 Remote Include Exploit Found by sh00t0ut Expl: http://victim/modules/catalog/uploadphoto.php?coresystempath=ev...