iScripts EasyCreate 3.0 - Remote Code Execution

Exploit for php platform in category web applications !C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This...

iScripts EasyCreate 3.0 - Remote Code Execution

!C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by...

Apache 2.4.7 + PHP 7.0.2 - 'openssl_seal()' Uninitialized Memory Code Execution

?php // Source: http://akat1.pl/?id=1 function getmaps $fh = fopen"/proc/self/maps", "r"; $maps = fread$fh, 331337; fclose$fh; return explode"\n", $maps; function findmap$sym $addr = 0; foreachgetmaps as $record if strstr$record, $sym && strstr$record, "r-xp" $addr = hexdecexplode'-', $record0;...

Debian DLA-408-1 : gosa security update

GOsa is a combination of system-administrator and end-user web interface, designed to handle LDAP based setups. GOsa upstream reported a code injection vulnerability in the Samba plugin code of GOsa. During Samba password changes it has been possible to inject malicious Perl code. This upload to...

DLA-408-1 gosa - security update

Bulletin has no description...

iScripts EasyCreate 3.0 Remote Code Execution Exploit

Summary iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by offering website building services to your customers. Equipped with drag and drop design functionality, crisp templates and social sharing capabilities, this online websi...

Remote Code Execution in Exponent

High-Tech Bridge Security Research Lab discovered critical vulnerability in Exponent CMS, which can be exploited to inject and execute arbitrary PHP code on the vulnerable system with the privileges of the web server. The vulnerability resides within "/install/index.php" script, when handling...

CVE-2015-8761

The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via the exported values list in a ctools import...

CVE-2015-8761

The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allows remote administrators with the "Import value sets" permission to execute arbitrary PHP code via the exported values list in a ctools import...

phpMyFAQ 2.7.9 PHP Code Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

WordPress WooCommerce 2.4.12 PHP Code Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : http://0day.today 0 1 + Support e-mail :...

Zen Cart 1.5.4 Local File Inclusion

Advisory ID: HTB23282 Product: Zen Cart Vendor: Zen Ventures, LLC Vulnerable Versions: 1.5.4 Tested Version: 1.5.4 Advisory Publication: November 25, 2015 without technical details Vendor Notification: November 25, 2015 Vendor Patch: November 26, 2015 Public Disclosure: December 16, 2015...

Zen Cart 1.5.4 - Local File Inclusion

Advisory ID: HTB23282 Product: Zen Cart Vendor: Zen Ventures, LLC Vulnerable Versions: 1.5.4 Tested Version: 1.5.4 Advisory Publication: November 25, 2015 without technical details Vendor Notification: November 25, 2015 Vendor Patch: November 26, 2015 Public Disclosure: December 16, 2015...

Zen Cart Arbitrary File Inclusion Vulnerability

Zen Cart is open source shopping cart software. An arbitrary file inclusion vulnerability exists in Zen Cart. Due to a lack of filtering in the "/ajax.php" script directory traversal sequence in the "act" HTTP GET parameter, an attacker can exploit the vulnerability to execute arbitrary PHP code...

DMarket 1.0 Remote PHP Code Injection

| Title : DMarket 1.0 Remote PHP Code Injection Exploit | Author : indoushka | email : [email protected] | Dork : Copy right © 2010 . All right reserved Powered By : DMarket تمامی حقوق برای فروشگاه Print Art محفوظ است | Tested on: windows 8.1 Français V.Pro | Download :...

Switch 4.68 - Code Execution Vulnerability

Exploit for windows platform in category remote exploits Convert the audio data stream 3. Paste malicious url in input "Enter url of the audio stream" 4. Click start the audio stream 5. PHP code executed successfully Code Execution Calculator By ZwX - Vulnerability Lab.com...

POP Peeper 4.0.1 - Persistent Code Execution Vulnerability

Exploit for windows platform in category remote exploits Title : POP Peeper 4.0.1 - Persistent Code Execution Vulnerability Author : ZwX Vendor : http://www.esumsoft.com/ Download : http://data.esumsoft.com/download/POPPeeperPro.zip Tested On : Windows 7 Description Vulnerability :...

Bastian Allgeier Kirby Arbitrary File Upload Vulnerability

Bastian Allgeier Kirby is a content management system CMS from Bastian llgeiergs, Germany. An arbitrary file upload vulnerability exists in the Panel component of Bastian Allgeier Kirby 2.1.1 and earlier versions, which can be exploited by a remote attacker to execute arbitrary PHP code by...

RCE in Zen Cart via Arbitrary File Inclusion

High-Tech Bridge Security Research Lab discovered critical vulnerability in a popular e-commerce software Zen Cart, which can be exploited by remote non-authenticated attackers to compromise vulnerable system. A remote unauthenticated attacker might be able to execute arbitrary PHP code on the...

Google AdWords API 'WSDLInterpreter/WSDLInterpreter.php'任意PHP代码执行漏洞

No description provided by source...