1408 matches found
fuzzylime303-lfi.txt
/ --+---=+--==+++++ -- FuzzyLime 3.03 Local File Iclude PoC -0- -======+++++---'''' -- Vuln - code/track.php $m = $GETm; $p = $GETp; //1 include "settings.inc.php"; if!isset$POSTurl || !isset$POSTtitle || !isset$POSTexcerpt //2 header"Location: $rooturlindex.php?s=news&p=$p&m=$m"; else...
ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability
No description provided by source. Name:-- ToursManager PhP Script = Blind Sql Injection Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |:...
toursmanager-blindsql.txt
Name:-- ToursManager PhP Script Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |: http://www.demosite.com/tourview.php?tourid=2%20and%201=0-- false Version: |:...
Aj Classifieds - Authentication Bypass
Aj Classifieds - Authentication Bypass ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
YourFreeWorld Short Url & Url Tracker - SQL Injection
Short Url & Url Tracker id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/shorturl.php DorK : inurl:"tr.php?id=" Short Url & Url Tracker Exploit :...
elkagroup-sql.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= elkagroup Image Gallery v1.0 view.php cid Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Script: Image Gallery v1.0 Language: PHP...
zubrag-upload.txt
//Title - Zubrag Uploader 1.0 Arbitrary Shell Upload Vulnerability //Vendor - zubrag.com/scripts/file-upload-form.php //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. The script attempts to hide the...
NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
No description provided by source. //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2...
CuteNews search.php Cross-Site Scripting Vulnerability
The remote web server contains a PHP script that is affected by a cross-site scripting issue. The version of Cutenews installed on the remote host fails to sanitize input to the SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are...
Cutenews search.php Cross-Site Scripting Vulnerability
The remote web server contains a PHP script that is affected by a cross-site scripting issue. Description: The version of Cutenews installed on the remote host fails to sanitize input to the 'search.php' script before using it to generate dynamic HTML to be returned to the user. An unauthenticate...
nept-upload.txt
//Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2. Select it for upload, and tamperdata t...
NEPT Image Uploader 1.0 - Arbitrary File Upload
//Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2. Select it for upload, and tamperdata t...
NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================ NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability ============================================================ //Title - NEPT Image Uploader shell upload //Vendor -...
Etomite CMS id Parameter SQL Injection
The remote web server contains a PHP script that is affected by a SQL injection vulnerability. Description: The remote web server is running Etomite CMS, a PHP-based content management system. The version of Etomite CMS installed on the remote host fails to sanitize input to the...
NEPT Image Uploader 1.0 - Arbitrary File Upload
NEPT Image Uploader 1.0 - Arbitrary File Upload //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for...
Admbook PHP Code Injection Flaw
The remote web server contains a PHP script that allows arbitrary code injection. Description : The remote host is running AdmBook, a PHP-based guestbook. The remote version of this software is prone to remote PHP code injection due to a lack of sanitization of the HTTP header 'X-Forwarded-For'...
Segue CMS themesdir Parameter Remote File Include Vulnerability
The remote web server contains a PHP script that is affected by a remote file include issue. Description: The remote web server is running Segue CMS, an open source content management system tailored for educational institutions. The version of Segue CMS installed on the remote host fails to...
Full PHP Emlak Script (arsaprint.php id) SQL Injection Vulnerability
No description provided by source. || | | Full PHP Emlak Script arsaprint.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | | | script :...
SQL Injection in EasyRealtorPRO 2008
Original article: http://www.davidsopas.com/2008/09/sql-injection-in-easyrealtorpro/ "EasyRealtorPRO 2008 provides you with all features you need to setup your own business oriented real estate website on your own domain name. Our support team will install the script on your server and then you c...
easyrealtor-sql.txt
Original article: http://www.davidsopas.com/2008/09/sql-injection-in-easyrealtorpro/ "EasyRealtorPRO 2008 provides you with all features you need to setup your own business oriented real estate website on your own domain name. Our support team will install the script on your server and then you c...