1408 matches found

Exploit DB
added 2007/01/31 12:00 a.m., 41 views

Michelles L2J Dropcalc 4 - SQL Injection

Title: Michelle's L2J Dropcalc Version: = v4 Web Site: http://www.msknight.com/comps/lineage2/myl2jdropcalc.htm Discovered By: Codebreak [email protected] | www.codebreak.tk...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2007/01/19 12:00 a.m., 23 views

Oreon lang/index.php file Parameter Remote File Inclusion

The remote host is running Oreon, a web-based network supervision program based on Nagios. The installation of Oreon on the remote host fails to sanitize input to the 'file' parameter of the 'lang/index.php' script before using it to include PHP code. Regardless of PHP's 'register_globals' setting...

7.5 CVSS, 6.2 AI score, 0.10171 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2007/01/18 12:00 a.m., 36 views

WoltLab Burning Board search.php Multiple Parameter SQL Injection

The version of Burning Board / Burning Board Lite on the remote host fails to sanitize user input to the 'boardids' parameter of the 'search.php' script before using it in database queries. Regardless of PHP's 'register_globals' and 'magic_quotes_gpc' settings, an unauthenticated, remote attacker ca...

7.5 CVSS, 5.6 AI score, 0.00807 EPSS
Exploits: 0, References: 1

securityvulns
added 2007/01/17 12:00 a.m., 41 views

Re: Jax Petition Book (languagepack) Remote File Include Vulnerabilities

Actually, this can be pretty serious depending on server settings, but an improper example was given. Better one: jaxpetitionbook.php?languagepack=../../someotherallowedfileuploads/myfile.php.gif00 Many servers will have magic quotes on to defeat the null byte, but by no means all. John...

1.1 AI score
Exploits: 0

Exploit DB
added 2007/01/11 12:00 a.m., 34 views

Article System 0.1 - 'INCLUDE_DIR' Remote File Inclusion

Script: Article System Affected Version: 1.0 Download: http://kent.dl.sourceforge.net/sourceforge/artsys/artsys-0.1-20020705.tar.gz Author: Dr Max Virus Bug in: /path/include Vul Code; require_once "$INCLUDE_DIR/classes/class.formitem.php"; POC:...

7.4 AI score
Exploits: 0

CVE
added 2007/01/05 11:00 a.m., 46 views

CVE-2007-0082

This entry covers CVE-2007-0082 affecting IMGallery 2.5 and earlier. The vulnerability occurs in users_adm/start1.php where files with multiple extensions are not properly handled, allowing remote authenticated users to upload and execute arbitrary PHP scripts. The documented impact is partial co...

6.5 CVSS, 7.1 AI score, 0.05768 EPSS
Exploits: 1, References: 4, Affected Software: 1

securityvulns
added 2007/01/03 12:00 a.m., 35 views

Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit

Nuked Klan <= 1.7 Remote Cookie Disclosure Exploit - Vendor: www.nuked-klan.org/ - Found by NeoSSJ & Kad' - Full disclosure on 31 December 2006 - Notice: you only have to create a .swf file, and you put on :...

0.4 AI score
Exploits: 0

Exploit DB
added 2006/12/28 12:00 a.m., 41 views

WebText 0.4.5.2 - Remote Code Execution

DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ Contact: [email protected] cod3d by Kacper...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2006/12/21 12:00 a.m., 46 views

TYPO3 'spell-check-logic.php' 'userUid' Parameter Arbitrary Command Execution

The remote host is running TYPO3, an open source content management system written in PHP. The version of TYPO3 installed on the remote host fails to sanitize user-supplied input to the 'userUid' parameter before using it in the 'spell-check-logic.php' script to execute a command. An...

7.5 CVSS, 6 AI score, 0.21035 EPSS
Exploits: 1, References: 3

myhack58
added 2006/12/20 12:00 a.m., 10 views

Serv-U steal the administrator password novice section-Vulnerability warning-the black bar safety net

Sometimes we get the WebShell is very pleased with the Serv-U local privilege escalation vulnerability to achieve complete control of broiler purposes, but will always go wrong. We at WebShell input of a command is generally like this: D:\WEB\su.exe “net user 1 1 /add” Many cases can not be...

7.4 AI score
Exploits: 0

seebug.org
added 2006/12/13 12:00 a.m., 16 views

Filezilla FTP Server 0.9.20 beta / 0.9.21 "LIST", "NLST" and "NLST -al" Denial Of Service

No description provided by source. <?php Filezilla FTP Server 0.9.20 beta / 0.9.21 "LIST", "NLST" and "NLST -al" Denial Of Service by shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org special thanks to rgod for his first advisory about "STOR" Denial of service, see:...

7.1 AI score
Exploits: 0

exploitpack
added 2006/12/11 12:00 a.m., 8 views

FileZilla FTP Server 0.9.21 - LISTNLST Denial of Service

FileZilla FTP Server 0.9.21 - LISTNLST Denial of Service <?php Filezilla FTP Server 0.9.20 beta / 0.9.21 "LIST", "NLST" and "NLST -al" Denial Of Service by shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org special thanks to rgod for his first advisory about "STOR" Denial o...

7.3 AI score
Exploits: 0

Tenable Nessus
added 2006/12/07 12:00 a.m., 40 views

ThinClientServer Admin Account Creation Privilege Escalation

The remote host is running ThinClientServer, an application to convert existing PCs into thin clients. The version of ThinClientServer installed on the remote host allows an unauthenticated, remote attacker to create administrative accounts.

7.5 CVSS, 5.5 AI score, 0.01269 EPSS
Exploits: 0, References: 3

CVE
added 2006/12/04 11:00 a.m., 51 views

CVE-2006-6255

The CVE-2006-6255 entry concerns the NukeAI 0.0.3 Beta module for PHP-Nuke, where a vulnerability in util.php allows remote code execution. An attacker can upload and execute arbitrary PHP code by supplying a filename with a .php extension in the filename parameter and code in the moreinfo parame...

7.5 CVSS, 8.1 AI score, 0.05789 EPSS
Exploits: 1, References: 3, Affected Software: 1

securityvulns
added 2006/11/09 12:00 a.m., 39 views

Speedwiki 2.0 Arbitrary File Upload Vulnerability

product: Speedwiki 2.0 vendor site: http://speedywiki.sourceforge.net/ risk: critical a user logged in can upload a PHP script on the server by the upload script; there's actually no upload filter on this cms path: /speedywiki/index.php?upload=1 xss get :...

0.3 AI score
Exploits: 0

Exploit DB
added 2006/11/08 12:00 a.m., 19 views

iPrimal Forums - '/admin/index.php' Remote File Inclusion

iPrimal Forums Remote File Inclusion Download: http://ipigroup.org/downloads/forums.zip Found by Bl0od3r Vulnerable Code: line 126-129 ..... if ($_GET['p'] == '') echo 'Please select an item from the menu above.'; else include($_GET['p'].'.php'); ..... Affected File: /admin/index.php = Vulnerability:...

7.4 AI score
Exploits: 0

seebug.org
added 2006/10/28 12:00 a.m., 11 views

Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit

No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <? print '[ASCII-art banner]...

7.1 AI score
Exploits: 0

seebug.org
added 2006/10/27 12:00 a.m., 19 views

N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit

No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <? print '[ASCII-art banner]...

7.1 AI score
Exploits: 0

Exploit DB
added 2006/10/27 12:00 a.m., 36 views

Coppermine Photo Gallery 1.4.9 - SQL Injection

#!/usr/bin/php <?php / Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability Note: Requires a valid user account. Usage: php script.php host path table prefix user id username password Usage Example: php script.php domain.com /coppermine/ cpg149 1 john secret Googledork" "Powered by...

7.4 AI score
Exploits: 0

0day.today
added 2006/10/27 12:00 a.m., 67 views

Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications. Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability #!/usr/bin/php <?php / Coppermine Photo...

7.1 AI score
Exploits: 0