31 matches found
EUVD-2007-4295
Malware in sbrugna...
Php Blue Dragon CMS <= 2.9.1 (XSS/SQL) Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :...
php blue dragon cms 3.0.0 - Remote File Inclusion Vulnerability
No description provided by source. // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zaprasza...
Php Blue Dragon CMS 3.0.0 - Remote SQL Injection Exploit
No description provided by source. ? // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na...
Php Blue Dragon CMS 3.0.0 - Remote Code Execution Exploit
No description provided by source. ?php // Exploit Name: Php Blue Dragon CMS 3.0.0 Code Execution Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc...
Sql injection
SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a "print articles" action...
Immunity Canvas: PBD_INCLUDE
Name| pbdinclude ---|--- CVE| CVE-2007-4313 Exploit Pack| CANVAS Description| Php Blue Dragon CMS Remote Include Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: phpbluedragon.pl CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4313 CVE Name: CVE-2007-4313...
CVE-2007-4312
SQL injection vulnerability in index.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary SQL commands via the articleid parameter in a "print articles" action...
Remote file inclusion
PHP remote file inclusion vulnerability in publicincludes/pubblocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958...
CVE-2007-4313
PHP remote file inclusion vulnerability in publicincludes/pubblocks/activecontent.php in Php Blue Dragon CMS 3.0.0 allows remote attackers to execute arbitrary PHP code via a URL in the vsDragonRootPath parameter, a different vector than CVE-2006-2392, CVE-2006-3076, and CVE-2006-6958...
CVE-2007-4312
The CVE-2007-4312 entry concerns a SQL injection in Php Blue Dragon CMS 3.0.0. The vulnerability occurs in index.php during the “print articles” action, where the parameter article_id can be used by remote attackers to execute arbitrary SQL commands. Connected sources (NVD/NVD-derived records and...
CVE-2007-4313
Affected software : Php Blue Dragon CMS 3.0.0. Vulnerability : PHP remote file inclusion via the vsDragonRootPath parameter in public_includes/pub_blocks/activecontent.php, allowing remote code execution. Root cause : improper handling of a user-supplied URL leading to remote inclusion. Impact : ...
pbd-rfi.txt
// Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc! //Irc: irc.milw0rm.com:66...
pbd-sql.txt
126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex = '\b\d1,3.\d1,3.\d1,3...
Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ====================================================== Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit ====================================================== 126 $result.=" ."; else $result.=" ".$string$i; if...
PHP blue dragon CMS 3.0.0 - Remote File Inclusion
PHP blue dragon CMS 3.0.0 - Remote File Inclusion // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL...
Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
No description provided by source. // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zaprasza...
PHP Blue Dragon CMS 3.0.0 - SQL Injection
PHP Blue Dragon CMS 3.0.0 - SQL Injection 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...
Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ============================================================= Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability ============================================================= // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote Fil...
Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit
Exploit for unknown platform in category web applications ======================================================= Php Blue Dragon CMS 3.0.0 Remote Code Execution Exploit ======================================================= 126 $result.=" ."; else $result.=" ".$string$i; if...