1414 matches found
WordPress <= 1.3.1 - Remote Code Execution
Because of this vulnerability, the authenticated users with manageoptions and uploadfiles capabilities can execute arbitrary code by uploading a PHP script. Solution Update WordPress...
Max's Guestbook (XSS) Remote Vulnerability
Discovered by: GTADarkDude Disconvered on: 10 December 2008 Name: Max's Guestbook Version: 1.0 URL: http://www.phpf1.com/product/php-guestbook-script.html URL2: http://www.hotscripts.com/Detailed/78571.html Google Search: intitle:"Max's Guestbook" powered-by-PHP-F1 File maxGuestbook.class...
Social Groupie (create_album.php) Remote File Upload Vulnerability
No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...
Netref 4.0 Multiple Remote SQL Injection Vulnerabilities
No description provided by source. SuB-ZeRo Dz-hackers Netref 4.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- +Discovred by : SuB-ZeRo +Vendor URL : www.netref.net +downloader :...
Netref 4.0 - Multiple SQL Injections
Netref 4.0 - Multiple SQL Injections SuB-ZeRo Dz-hackers Netref 4.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- +Discovred by : SuB-ZeRo +Vendor URL : www.netref.net +downloader :...
Netref 4.0 Multiple Remote SQL Injection Vulnerabilities
Exploit for unknown platform in category web applications ======================================================== Netref 4.0 Multiple Remote SQL Injection Vulnerabilities ======================================================== Netref 4.0 Remote SQL Injection Vulnerability...
fuzzylime303-lfi.txt
/ --+---=+--==+++++ -- FuzzyLime 3.03 Local File Iclude PoC -0- -======+++++---'''' -- Vuln - code/track.php $m = $GETm; $p = $GETp; //1 include "settings.inc.php"; if!isset$POSTurl || !isset$POSTtitle || !isset$POSTexcerpt //2 header"Location: $rooturlindex.php?s=news&p=$p&m=$m"; else...
ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability
No description provided by source. Name:-- ToursManager PhP Script = Blind Sql Injection Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |:...
toursmanager-blindsql.txt
Name:-- ToursManager PhP Script Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |: http://www.demosite.com/tourview.php?tourid=2%20and%201=0-- false Version: |:...
Aj Classifieds - Authentication Bypass
Aj Classifieds - Authentication Bypass ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
YourFreeWorld Short Url & Url Tracker - SQL Injection
Short Url & Url Tracker id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/shorturl.php DorK : inurl:"tr.php?id=" Short Url & Url Tracker Exploit :...
elkagroup-sql.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= elkagroup Image Gallery v1.0 view.php cid Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Script: Image Gallery v1.0 Language: PHP...
zubrag-upload.txt
//Title - Zubrag Uploader 1.0 Arbitrary Shell Upload Vulnerability //Vendor - zubrag.com/scripts/file-upload-form.php //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. The script attempts to hide the...
NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
No description provided by source. //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2...
NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability
Exploit for unknown platform in category web applications ============================================================ NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability ============================================================ //Title - NEPT Image Uploader shell upload //Vendor -...
Cutenews search.php Cross-Site Scripting Vulnerability
The remote web server contains a PHP script that is affected by a cross-site scripting issue. Description: The version of Cutenews installed on the remote host fails to sanitize input to the 'search.php' script before using it to generate dynamic HTML to be returned to the user. An unauthenticate...
Segue CMS themesdir Parameter Remote File Include Vulnerability
The remote web server contains a PHP script that is affected by a remote file include issue. Description: The remote web server is running Segue CMS, an open source content management system tailored for educational institutions. The version of Segue CMS installed on the remote host fails to...
NEPT Image Uploader 1.0 - Arbitrary File Upload
NEPT Image Uploader 1.0 - Arbitrary File Upload //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for...
nept-upload.txt
//Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2. Select it for upload, and tamperdata t...
Admbook PHP Code Injection Flaw
The remote web server contains a PHP script that allows arbitrary code injection. Description : The remote host is running AdmBook, a PHP-based guestbook. The remote version of this software is prone to remote PHP code injection due to a lack of sanitization of the HTTP header 'X-Forwarded-For'...