Online store PHP script - Multiple Cross-Site Scripting / SQL Injections

source: https://www.securityfocus.com/bid/46960/info Online store php script is prone to multiple cross-site scripting and SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues could allow an attacker to steal cookie-based authenticati...

Online Store PHP Script By Goran Cross Site Scripting

f0und by: kurdish hackers team group: kurd-team c0ntact: [email protected] site: www.kurdteam.org ================================= ==============script=============== ================================= script: Online Store d0rk:Copyrights © 2009 - Online Store. All rights reserved. Powered by:...

Automne 4.1.0 Race Condition

// ------------------------------------------------------------------------ // Software................Automne 4.1.0 // Vulnerability...........Race Condition // Threat Level............Very Critical 5/5 // Download................http://en.automne-cms.org/ // Release Date............3/2/2011 //...

Raja Natarajan Guestbook 1.0 - Local File Inclusion

Raja Natarajan GUestbook 1.0 Local File Inclusion Exploit App: http://sourceforge.net/projects/phpscript/files/phpscript/Raja%20Guestbook/guestbook1.0.zip/download Author: h0rd Vuln: http://127.0.0.1/guestbook/add.php?lang=../../../../../../../../../../../../../../../etc/passwd%00 Thx: cr4wl3r,...

NetLink Shell Upload

====================================== NetLink Remote Arbitrary File Upload Vulnerability Download: http://sourceforge.net/projects/kp-netlink/ by lumut-- Homepage: lumutcherenza.biz ====================================== upload.php "; echo ""; echo "Filename: ".$filename; echo "File Type:...

NetLink - Arbitrary File Upload

====================================== NetLink Remote Arbitrary File Upload Vulnerability Download: http://sourceforge.net/projects/kp-netlink/ by lumut-- Homepage: lumutcherenza.biz ====================================== upload.php "; echo ""; echo "Filename: ".$filename; echo "File Type:...

PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability

Exploit for php platform in category web applications == Author: BorN To K!LL - h4ck3r Contact: email protected == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software SQL Injection

== Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software - sbcat_id SQL Injection

PHP Script Directory Software - sbcatid SQL Injection == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

PHP Script Directory Software - 'sbcat_id' SQL Injection

== Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...

[SECURITY] Fedora 14 Update: php-eaccelerator-0.9.6.1-4.fc14

eAccelerator is a further development of the MMCache PHP Accelerator & Enco der. It increases performance of PHP scripts by caching them in compiled state, so that the overhead of compiling is almost completely eliminated...

Hexjector 1.0.7.5 Rev34 Latest Version Download !

"Hexjector is an open-source, multi-platform PHP script to automate site penetration tests for SQL Injection Vulnerabilities." This is the updated change log: ErrorCheck, HexDorker, HexaFind, HexDumper, HexaCurD, Hexdumpfile, Hexoutfile, Hexloader, and WAFDetector have all been updated. HexaFind ...

Projekt Shop - 'details.php' Multiple SQL Injections

+Name : Projekt Shop details.php www.cyber-warrior.org +Greetz to All System-Hacker, BlackApple , F0RTYS3V3N and All KinqSqlZCrew Members --------------------------------------------------------------------------------------- Bize kafa tutarmış büyük hacker, Kimlik yaşı 18 akıl yaşı 1 sen giderke...

Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications =================================================== Orbis CMS 1.0.2 Arbitrary File Upload Vulnerability =================================================== 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav -...

'Orbis CMS' Arbitrary Script Execution Vulnerability (CVE-2010-4313)

'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticated user to upload a PHP script and...

Orbis CMS 1.0.2 - Arbitrary File Upload

Orbis CMS 1.0.2 - Arbitrary File Upload 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any...

Orbis CMS 1.0.2 - Arbitrary File Upload

'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticated user to upload a PHP script and...

D-Link DIR-300 Authentication Bypass

\n"; exit; $ch=curlinit; curlsetopt$ch, CURLOPTURL, "http://".$argv1."/toolsadmin.php"; curlsetopt$ch, CURLOPTRETURNTRANSFER, true; curlsetopt$ch, CURLOPTPORT, $argv2; curlsetopt$ch, CURLOPTPOST, 1; curlsetopt$ch,...

TFTgallery 0.13.1 - Local File Inclusion

TFTgallery 0.13.1 - Local File Inclusion TFTgallery gmailcom registerglobals=On Who said "what a useless vulnerability!" = "includeonce "language/" . $adminlangfile;" @thumbnailformpost.inc.php line 3 for the win ;...

Ubuntu Drupal Theme - Brown images/layout/gradient.php File Disclosure

The version of the Ubuntu Drupal Theme - Brown installed on the Drupal install on the remote host does not properly sanitize user-supplied input to the 'start' and 'end' parameters of the 'images/layout/gradient.php' script before using it to return the contents of a file. A remote, unauthenticat...