Easy Banner Pro (index.php page) Local File Inclusion

Exploit for php platform in category web applications ----------------------------------------------------------- Easy Banner Pro index.php page Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.phpwebscripts.com/easybannerpro/ Demo -...

Text Exchange Pro - index.php Local File Inclusion

Text Exchange Pro - index.php Local File Inclusion ----------------------------------------------------------- Text Exchange Pro index.php page Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.phpwebscripts.com/text-exchange-pro/ Demo -...

Symantec Web Gateway Management Console Remote Shell Command Execution (CVE-2012-0297)

A remote command execution vulnerability has been reported in Symantec Web Gateway. The vulnerability is due to improper input validation by the web server. A remote attacker can exploit this issue by sending a specially crafted HTTP request to the affected server. Successful exploitation could...

Classified Ads Script PHP - admin.php Multiple SQL Injections

Classified Ads Script PHP - admin.php Multiple SQL Injections source: https://www.securityfocus.com/bid/54299/info Classified Ads Script PHP is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. A...

Commentics 2.0 <= Multiple Vulnerabilities

Commentics 2.0 = Multiple Vulnerabilities Discovered by: Jean Pascal Pereira [email protected] Vendor information: "Commentics is a free, advanced PHP comment script with many features. Professionally written and with open source code, its main aims are to be integrable, customizable and secure."...

Arbitrary File Upload/Execution in Collabtive

TITLE: Arbitrary File Upload/Execution in Collabtive DATE: 06-04-2012 PRODUCT: Collabtive Web-Based Project Management Software http://collabtive.o-dyn.de/ VERSIONS: 0.7.5, 0.6.1 confirmed. All versions = 0.7.5 probable RESEARCHER: Mark Hoopes [email protected]/ ADDITIONAL INFORMATION:...

QuickBlog v0.8 CMS - Multiple Web Vulnerabilities

Title: ====== QuickBlog v0.8 CMS - Multiple Web Vulnerabilities Date: ===== 2012-05-12 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=567 VL-ID: ===== 567 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= QuickBlo...

WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability

WordPress Foxypress Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

SN News 1.2 - 'visualiza.php' SQL Injection

\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/snnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "visualiza.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...

Mnews 1.1 SQL injection

\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/mnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "view.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...

Cells Blog CMS v1.1 - Multiple Web Vulnerabilities

Document Title: =============== Cells Blog CMS v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=591 Release Date: ============= 2012-06-04 Vulnerability Laboratory ID VL-ID: ==================================== 591 Comm...

Cells Blog CMS v1.1 - Multiple Web Vulnerabilities

Document Title: =============== Cells Blog CMS v1.1 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=591 Release Date: ============= 2012-06-04 Vulnerability Laboratory ID VL-ID: ==================================== 591 Comm...

Cryptographp Local File Inclusion / HTTP Response Splitting

Exploit for php platform in category web applications During a security assessment, I’ve found that my target was using Cryptographp which is a PHP script used for generate « captchas ». It was easily noticeable when I’ve found the following URL: http://WWWW/cryptographp.inc.php?cfg=XX&sn=YYYY&ZZ...

Cryptographp Local File Inclusion / HTTP Response Splitting

During a security assessment, I’ve found that my target was using Cryptographp which is a PHP script used for generate « captchas ». It was easily noticeable when I’ve found the following URL: http://WWWW/cryptographp.inc.php?cfg=XX&sn=YYYY&ZZZZ So I've decided to take a look at the source code a...

backupDB() v1.2.7a (onlyDB) Remote XSS Vulnerability

Summary backupDB is a PHP script that backs up MySQL tables and databases to a file uncompressed, gzip, bzip2 for easy daily backup. Description backupDB is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to...

backupDB() v1.2.7a (onlyDB) Remote XSS Vulnerability

Exploit for php platform in category web applications backupDB v1.2.7a onlyDB Remote XSS Vulnerability Vendor: SiliSoftware Product web page: http://www.silisoftware.com Affected version: 1.2.7a-201108021626 Summary: backupDB is a PHP script that backs up MySQL tables and databases to a file...

Coupon Script v6.0 - SQL Injection Vulnerability

Document Title: =============== Coupon Script v6.0 - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=572 Release Date: ============= 2012-05-15 Vulnerability Laboratory ID VL-ID: ==================================== 572 Common...

Kerio WinRoute Firewall Web Server < 6 - Source Code Disclosure

Exploit Title: Kerio WinRoute Firewall Embedded Web ServerVersion: Source Code Disclosure Google Dork: Date: 10.05.2012 Author: Eugene Salov, Andrey Komarov Group-IB, http://group-ib.ru Software Link: http://winroute.ru/keriowinroutefirewall.htm Version: prior to 6 Tested on: Microsoft Windows CV...

. the svn directory does not have permissions to restrict the use of loopholes in the summary(including the repair program)-vulnerability warning-the black bar safety net

The existing site use. svn to do a production environment version control, however. the svn directory does not have to do the access restrictions, you can through the. svn/entries to traverse the file and directory list. In order to save energy, I wrote a php scripthttp://rains.im/?q=node/18to do...

CVE-2011-5083

Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows remote attackers to execute arbitrary code by uploading a file with an executable PHP extension, then accessing it via a direct request to the file in an unspecified directory...