PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability

Exploit for php platform in category web applications == Author: BorN To K!LL - h4ck3r Contact: email protected == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software - sbcat_id SQL Injection

PHP Script Directory Software - sbcatid SQL Injection == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software SQL Injection

== Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software - 'sbcat_id' SQL Injection

== Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

[SECURITY] Fedora 14 Update: php-eaccelerator-0.9.6.1-4.fc14

eAccelerator is a further development of the MMCache PHP Accelerator & Enco der. It increases performance of PHP scripts by caching them in compiled state, so that the overhead of compiling is almost completely eliminated...

Hexjector 1.0.7.5 Rev34 Latest Version Download !

"Hexjector is an open-source, multi-platform PHP script to automate site penetration tests for SQL Injection Vulnerabilities." This is the updated change log: ErrorCheck, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAFDetector have all been updated. HexaFind ...

Projekt Shop - 'details.php' Multiple SQL Injections

+Name : Projekt Shop details.php www.cyber-warrior.org +Greetz to All System-Hacker, BlackApple , F0RTYS3V3N and All KinqSqlZCrew Members --------------------------------------------------------------------------------------- Bize kafa tutarmış büyük hacker, Kimlik yaşı 18 akıl yaşı 1 sen giderke...

Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications =================================================== Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability =================================================== 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav -...

'Orbis CMS' Arbitrary Script Execution Vulnerability (CVE-2010-4313)

'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticated user to upload a PHP script and...

Orbis CMS 1.0.2 - Arbitrary File Upload

'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticated user to upload a PHP script and...

Orbis CMS 1.0.2 - Arbitrary File Upload

Orbis CMS 1.0.2 - Arbitrary File Upload 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any...

D-Link DIR-300 Authentication Bypass

\n"; exit; $ch=curlinit; curlsetopt$ch, CURLOPTURL, "http://".$argv1."/toolsadmin.php"; curlsetopt$ch, CURLOPTRETURNTRANSFER, true; curlsetopt$ch, CURLOPTPORT, $argv2; curlsetopt$ch, CURLOPTPOST, 1; curlsetopt$ch,...

TFTgallery 0.13.1 - Local File Inclusion

TFTgallery 0.13.1 - Local File Inclusion TFTgallery gmailcom registerglobals=On Who said "what a useless vulnerability!" = "includeonce "language/" . $adminlangfile;" @thumbnailformpost.inc.php line 3 for the win ;...

Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure

The version of the Ubuntu Drupal Theme - Brown installed on the Drupal install on the remote host does not properly sanitize user-supplied input to the 'start' and 'end' parameters of the 'images/layout/gradient.php' script before using it to return the contents of a file. A remote, unauthenticat...

CVE-2010-3070

Cross-site scripting XSS vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to an arbitrary PHP script that uses NuSOAP classes...

Cross site scripting

Cross-site scripting XSS vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to an arbitrary PHP script that uses NuSOAP classes...

CVE-2010-3070

Cross-site scripting XSS vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to an arbitrary PHP script that uses NuSOAP classes...

CVE-2010-3070

Cross-site scripting XSS vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to an arbitrary PHP script that uses NuSOAP classes...

WAnewsletter v 2.1.2 SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================ WAnewsletter v 2.1.2 SQL Injection Vulnerability ================================================ Exploit Title: WAnewsletter v 2.1.2 SQL Injection Vulnerabilitie Date: 23/09/2010 Author: BrOx-D...

Horde util/icon_browser.php subdir Parameter XSS

The version of the Horde application framework hosted on the remote web server fails to sanitize user input to the 'subdir' parameter of the 'util/iconbrowser.php' script before using it to generate dynamic HTML output. An attacker may be able to leverage this issue to inject arbitrary HTML or...