36 matches found
InterPhoto 2.3.0 Shell Upload
Title : InterPhoto 2.3.0 Persians Remote Shell Upload vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox...
Gratipay: Host Header poisoning on gratipay.com
There is a host header poisoning vulnerability on gratipay.com that allows an attacker to cause a 301 redirect and poison the browser DNS cache to cause all further requests to gratipay.com to be redirected to the attacker's site. PoC Request: GET https://gratipay.com/ HTTP/1.1 Host: heroku.com...
MangosWeb SQL Injection Vulnerability
No description provided by source. EXPLOIT TITLE: MangosWeb SQL Vulnerability DATE: 1/7/2012 BY Hood3dRob1n AFFECTED PRODUCTS: MangosWeb Enhanced Version 3.0.3 SW LINK: http://code.google.com/p/mwenhanced/ CATEGORY: WebApp 0day DORK: intext:MangosWeb ENhanced Version 3.0.3 @2009-2011, KeysWow Dev...
Rash CMS SQL Injection Vulnerability
No description provided by source. Rash CMS SQL Injection Vulnerability InformatioN Title : Rash CMS SQL Injection Vulnerability Author : keracker Vendor or Software Link : http://rashcms.com Email :...
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
No description provided by source. Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employ...
Free Image Hosting Script Arbitrary File Upload Vulnerability
No description provided by source. Free Image Hosting Script Remote File Upload Vulnerability Exploit Title: Free Image Hosting Script ALL VERSIONS Remote File Upload Vulnerability Date: 26/12/11 Author:...
azuresites cms Multiple Vulnerabilities
No description provided by source. AzureSites CMS - Multiple Vulnerabilities Vulnerabilities discovered by: LidlosesAuge Greetz to: -=Player=- , Suicide, g4ms3, enco, GPM, Free-Hack, Ciphercrew, h4ck-y0u Date: 26.05.2008 Vulnerabilities: 1. SQL Injection 1.1...
MyBB (editpost.php, posthash) - SQL Injection Vulnerability
No description provided by source. MyBB 1.6.9 is vulnerable to Stored, Error based, SQL Injection. Vulnerable code: /editpost.php === Line 398 === $posthashquery = posthash='$posthash' OR ; === It can be done by using Tamper Data or Live HTTP Headers, and when submitting a post, edit the 'posthash...
PHP-Nuke 8.3 News SQL Injection
title : phpnuke 8.3 sql injection vulnerability Exploit Title: phpnuke 8.3 submit news module sql injection vulnerability Google Dork: inurl:modules.php?name=SubmitNews Date: 5/24/2014 Exploit Author: ali ahmady -- Iranian Researcher snip3rirathotmail.com Vendor Homepage: phpnuke.org Software Lin...
Localize: A Serious Bug on SIGNUP Process!
Hello, I found a bug on your registration/Sign UP process. You should fix this one as soon as possible! With this bug, an attacker will be able to create thousands of IDs on your application. POC ------ It can be done in 3 ways. 1. By CSRF. Copy your registration FORM source only form code is...
Simple File Manager vX.X File Upload Vulenrability
Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: Simple File Manager vX.X File Upload Vulenrability + Date: 11-12-2013 + Category: WebApp + Vendor:onedotoh.sourceforge.net/ + Google Dork: Do Some Work and you'll find it : + Tested on: Win7 , ubuntu...
Fluidgalleries Photo Upload Shell Upload
In The Name Of Allah + Exploit Title : fluidgalleries Photo Upload Remote Shell Upload Vulnerability + Google Dork 1 : inurl:"fluidgalleries/dat/info.dat" + Google Dork 2 : inurl:"/fluidgalleries/php/" + Date : 01/08/2013 + Exploit Author : IranianDarkCodersTeam + Home : www.idc-team.net +...
MyBB editpost.php SQL Injection
MyBB...
MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection
MyBB 1.6.9 - editpost.php?posthash Blind SQL Injection MyBB...
osCommerce Authentication Bypass (misconfigured htaccess)
Exploit for php platform in category web applications Exploit Title : osCommerce Authentication Bypass misconfigured htaccess Google Dork : "Powered by osCommerce" or you can try own dorks Exploit Author: D35m0nd142 Vendor Homepage: http://www.oscommerce.com/ Tested on: Linux Ubuntu 12.04 with...
A lot of the rebate built Station system V8 installation vulnerability-vulnerability warning-the black bar safety net
Brief description: after the site is installed, the "A lot of the rebate" site-building system renames install.php in the install folder to install.php.lock, but this file can still be accessed, so with a capture tool the site can be reinstalled. Usage description: 1. FireFox to...
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download:...
Sandcat Browser - Penetration Testing Oriented Browser
Penetration Testing Oriented Browser - Sandcat Browser The fastest web browser combined with the fastest scripting language packed with features for pen-testers. Sandcat Browser is a freeware portable pen-test oriented multi-tabbed web browser with extensions support developed by the Syhunt team,...
Ajax Upload - Arbitrary File Upload
Exploit Title: Ajax Upload Arbitrary File Upload Date: 30/01/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Ajax Upload http://valums.com/ajax-upload/ Tested on: Linux Comment I thank my friends: Hernan Jais, Alfon...
Ajax Upload Shell Upload
Exploit Title: Ajax Upload Arbitrary File Upload Date: 30/01/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software: Ajax Upload http://valums.com/ajax-upload/ Tested on: Linux Comment I thank my friends: Hernan Jais, Alfon...