CVE-2011-3748

Kamads Classifieds 2B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2AXHTML/style/view.php and certain other files...

Kamads Classifieds 2.0 - Admin Hash Disclosure

No description provided by source. ?php if $argc 2 echo \n+-----------------------------------------------------------------+\n; echo | Kamads classifieds V2 Multiple Vulnerabilities |\n; echo | Author:Mr.tro0oqy |\n; echo | [email protected] |\n; echo | dork:inurl:V2AXHTML |\n; echo | |\n; echo...

Kamads Classifieds 2.0 - Admin Hash Disclosure

Kamads Classifieds 2.0 - Admin Hash Disclosure \n"; print "\nex...........: php $argv0 http://www.target.com/V2AXHTML/admin/admin.php\n"; die; else $ch = curlinit; curlsetopt$ch,CURLOPTURL,"$argv1"; $op1 = curlsetopt$ch,CURLOPTRETURNTRANSFER,true; curlsetopt$ch,CURLOPTUSERAGENT,"Mozilla/4.0...

Kamads Classifieds 2.0 - Admin Hash Disclosure

\n"; print "\nex...........: php $argv0 http://www.target.com/V2AXHTML/admin/admin.php\n"; die; else $ch = curlinit; curlsetopt$ch,CURLOPTURL,"$argv1"; $op1 = curlsetopt$ch,CURLOPTRETURNTRANSFER,true; curlsetopt$ch,CURLOPTUSERAGENT,"Mozilla/4.0 compatible; MSIE 5.01; Windows NT 5.0";...

Kamads classifieds V2 admin Disclosure / AuthBypass exploit

Exploit for php platform in category web applications \n"; print "\nex...........: php $argv0 http://www.target.com/V2AXHTML/admin/admin.php\n"; die; else $ch = curlinit; curlsetopt$ch,CURLOPTURL,"$argv1"; $op1 = curlsetopt$ch,CURLOPTRETURNTRANSFER,true; curlsetopt$ch,CURLOPTUSERAGENT,"Mozilla/4....

CVE-2011-3748

Kamads Classifieds 2B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2AXHTML/style/view.php and certain other files...

Information disclosure

Kamads Classifieds 2B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2AXHTML/style/view.php and certain other files...

CVE-2011-3748

CVE-2011-3748 affects Kamads Classifieds 2_B3. An information-disclosure flaw exists where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (illustrated by V2A_XHTML/style/view.php and related files). The con...

CVE-2011-3748

Kamads Classifieds 2B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2AXHTML/style/view.php and certain other files...

Bloginator不安全Cookie和SQL注入漏洞

BUGTRAQ ID: 34187 CVECAN ID: CVE-2009-1050,CVE-2009-1049 Bloginator是一套PHP脚本，允许用户在网站上显示、添加、编辑和删除文章。 Bloginator没有正确地验证认证cookie，远程攻击者可以通过修改identifyYourself cookie参数绕过安全限制获得非授权访问。以下是有漏洞的代码段： URL www.site.com/bloginator/articleCall.php global $name,$password,$returnLink; $pname =...

Bloginator 1a - SQL Injection Command Injection (via Cookie Bypass )

Bloginator 1a - SQL Injection Command Injection via Cookie Bypass Author = FireShot , Jacopo Vuga. Thx to = Osirys for develop the Exploitation Code with me Mail = fireshotautisticiorg / osirysautisticiorg Vulnerability = SQL Command Injection mq = off Software = Bloginator V1A Download =...