Joomla Bch / Content Shell Upload

Joomla comcontent Shell Upload Vulnerability x Author : AgdScorp x Home : www.turkguvenligi.info former x E-mail : [email protected] x Found : Mon, Dec 24, 2012 x Tested : Windows 7, Ubuntu, Gentoo x Dork : inurl:"/index.php?option=combch" x The Conlusion The vulnerability resides at 'cont'...

SmartCMS (index.php, idx parameter) SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================================================================= o SmartCMS = SQL Injection Vulnerability Software : SmartMS Vendor : http://smartcms.nl/ Author : NoGe Contact :...

Joomla Component com_garyscookbook file upload Vulnerability

Exploit for php platform in category web applications Exploit Title: joomla comgaryscookbook file upload Author: Over-X email: email protected Vendor or Software Link: www.joomla.it Version: 242 Google dork: "inurl:comgaryscookbook" Tested on: win Xp...

HP Operations Agent Opcode coda.exe 0x34 Buffer Overflow

This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component coda.exe when parsing requests for the 0x34 opcode. This Metasploit module has been tested successfully on HP Operatio...

HP Operations Agent Opcode coda.exe 0x8c Buffer Overflow

This Metasploit module exploits a buffer overflow vulnerability in HP Operations Agent for Windows. The vulnerability exists in the HP Software Performance Core Program component coda.exe when parsing requests for the 0x8c opcode. This Metasploit module has been tested successfully on HP Operatio...

Seven koncepts sql Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Seven koncepts sql Injection Vulnerability Date: 08/09/2012 Author: The Black Devils Home: 1337day Exploit DataBase 1337day.com Software Link: www.sevenkoncepts.com Category : webapps Google dork: Powered by: Seven koncepts...

PHP PDO内存访问冲突拒绝服务漏洞

BUGTRAQ ID: 54777 PHP是一种HTML内嵌式的语言，PHP与微软的ASP颇有几分相似，都是一种在服务器端执行的嵌入HTML文档的脚本语言，语言的风格有类似于C语言，现在被很多的网站编程人员广泛的运用。 PHP 5.4.3及其他版本在实现上存在远程拒绝服务漏洞，攻击者可利用此漏洞造成Web服务器崩溃，拒绝服务合法用户。 0 PHP 5.3.x PHP 5.2.x 厂商补丁： PHP --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net ?php try $db = new...

Duvys Media web design and development file upload

Exploit for php platform in category web applications Exploit Title: duvys media web design and development file upload Date: 01.08.2012 Author: DzErRoR Category:: webapps.. Google dork: intext:Website by Duvys Media: Tested on: win7 Demo sites: http://omnirehab.com/...

vBulletin 3.x.x full path disclosure Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

WordPress "photocrati-theme" Remote File Upload

Exploit for php platform in category web applications .::IN THE NAME OF ALLAH::. Exploit Title: WordPress "photocrati-theme" Remote File Upload "RFU" By : AShiyane Digital Security Team Dork : "inurl:wp-content/themes/photocrati-theme/admin" Tested : Windows 7 / bt5 Exploit : go to gallery in adm...

Drupal 7.x 核心路径泄露漏洞

BUGTRAQ ID: 53454 Drupal是一款开放源码的内容管理平台。 Drupal 7.14之前版本在实现上存在路径泄露漏洞，通过错误信息中泄露安装路径的index.php的q参数，includes/bootstrap.inc内的requestpath函数可允许远程攻击者获取敏感信息。 0 Drupal 7.x 厂商补丁： Drupal ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.drupal.org/ http://localhost/?q=x ------------------------------------...

Feifei television systems PHP version v1. 9 injection exploit-vulnerability warning-the black bar safety net

Article author: honglousy Yesterday the whole hacking Forum next station on the program, found that people also really many. Simply write the exp. Boring as... ? php / Fly fly video management system SQL injection Feifei television systems PHP version v1. 9 injection exploit by:www.08sec.com fans...

Vertrigoserv 2.27 Privilege Escalation

===================================================== Vertrigoserv 2.27 Local Privilege Escalation Exploit ====================================================...

Estudioayllon Blind Sql Injection Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Developing and Sharing Tools for Professional Hackers

Professional hackers or security testers tend to write a lot of code. We write exploit code, fuzzers, code to handle esoteric protocols and data structures, unpackers, disassemblers, reversers, parsers, and so much more. We write this code because often what we’re doing is so specific that is...

Debian Security Advisory DSA 2452-1 (apache2)

The remote host is missing an update to apache2 announced via advisory DSA 2452-1. OpenVAS Vulnerability Test $Id: deb24521.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2452-1 apache2 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

DEBIAN-CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

CVE-2012-0216

The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when modphp or modrivet is used, provides example scripts under the doc/ URI, which might allow local users to conduct cross-site scripting XSS...

PT-2012-2407 · Apache · Apache Http Server

Name of the Vulnerable Software and Affected Versions: apache2 versions prior to 2.2.16-6+squeeze7 apache2 versions prior to 2.2.22-4 Description: The default configuration of the apache2 package, when mod php or mod rivet is used, provides example scripts under the doc/ URI. This might allow loc...

[SECURITY] [DSA 2452-1] apache2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2452-1 [email protected] http://www.debian.org/security/ Stefan Fritsch April 15, 2012 http://www.debian.org/security/faq -...