Dokeos LMS <= 1.8.5 (whoisonline.php) PHP Code Injection Exploit

No description provided by source. ?php / ----------------------------------------------------------------------- Dokeos LMS = 1.8.5 whoisonline.php Remote PHP Code Injection Exploit ----------------------------------------------------------------------- author...: EgiX mail.....:...

Pluck CMS 4.7 - HTML Code Injection

No description provided by source. Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9...

Pacer Edition CMS 2.1 (l param) Local File Inclusion Vulnerability

No description provided by source. Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 a...

Bigace CMS 2.7.8 - Add Admin Account CSRF

No description provided by source. Exploit Title: Bigace CMS CSRF - Adding an admin account Date: 2013 29 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.bigace.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2.7.8 Contacts:...

RiteCMS 1.0.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: RiteCMS multiple vulnerabilities Date: 2013 30 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://ritecms.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 1.0.0 Contacts:...

Apprain 3.0.2 Cross Site Request Forgery

Exploit Title: Apprain CMF / CSRF ADD/DELETE administrator's account Date: 2013 29 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.apprain.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected...

WordPress Plugin ThinkIT 0.1 - Multiple Vulnerabilities

Exploit Title: Wordpress ThinkIT plugin - CSRF / XSS Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://thinkoverit.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 0.1...

Spitefire CMS 1.1.4 Cross Site Request Forgery Vulnerability

Spitefire CMS version 1.1.4 suffers from a cross site request forgery vulnerability. Exploit Title: spitefire CMS - CSRF / ADD / EDTI / UPLOAD FILE Date: 2013 15 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor...

Pluck CMS 4.7 - HTML Code Injection

Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 4.7 Contacts:...

Pluck CMS 4.7 - HTML Code Injection

Pluck CMS 4.7 - HTML Code Injection Exploit Title: Pluck CMS CSRF - Injecting malicious contents to pagess Date: 2013 4 August Exploit Author: Yashar shahinzadeh Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://www.pluck-cms.org/ Tested on: Linux & Windows, PHP 5.2.9...

RiteCMS 1.0.0 - Multiple Vulnerabilities

Exploit Title: RiteCMS multiple vulnerabilities Date: 2013 30 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://ritecms.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 1.0.0 Contacts: http://Twitter.com/YShahinzadeh , http://y-shahinzadeh.ir...

RiteCMS 1.0.0 - Multiple Vulnerabilities

RiteCMS 1.0.0 - Multiple Vulnerabilities Exploit Title: RiteCMS multiple vulnerabilities Date: 2013 30 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://ritecms.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 1.0.0 Contacts:...

Rite CMS 1.0.0 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: RiteCMS multiple vulnerabilities Date: 2013 30 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://ritecms.com/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 1.0.0 Contacts: http://Twitter.com/YShahinzadeh , http://y-shahinzadeh.ir...

BigACE 2.7.8 - Cross-Site Request Forgery (Add Admin)

BigACE 2.7.8 - Cross-Site Request Forgery Add Admin Exploit Title: Bigace CMS CSRF - Adding an admin account Date: 2013 29 July Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.bigace.de/ Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2.7.8...

Machform Form Maker 2 XSS / Shell Upload / SQL Injection

Exploit Title: Machform form maker - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.appnitro.com Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2 Special thanks to: Mormoroth Dork1: "Powered by...

Machform Form Maker 2 - Multiple Vulnerabilities

Exploit Title: Machform form maker - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh Credit goes for: ha.cker.ir Vendor Homepage: http://www.appnitro.com Tested on: Linux & Windows, PHP 5.2.9 Affected Version : 2 Special thanks to: Mormoroth Dork1: "Powered by...

Pacer Edition CMS 2.1 (l param)local file inclusion flaw and fix-vulnerability warning-the black bar safety net

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 8 6 7 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pace...

Pacer Edition CMS 2.1 Local File Inclusion

Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer...

Pacer Edition CMS 2.1 (l param) Local File Inclusion Vulnerability

Exploit for php platform in category web applications Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS writte...

Pacer Edition CMS 2.1 - rm Arbitrary File Deletion

Pacer Edition CMS 2.1 - rm Arbitrary File Deletion !/usr/bin/python Pacer Edition CMS 2.1 rm Remote Arbitrary File Deletion Exploit Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management...