Netsweeper 4.0.9 - Arbitrary File Upload Execution

Netsweeper 4.0.9 - Arbitrary File Upload Execution +--------------------------------------------------------+ + Netsweeper 4.0.9 - Arbitrary File Upload and Execution + +--------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com...

up.time 7.5.0 Upload And Execute File Exploit

Exploit for php platform in category web applications up.time 7.5.0 Upload And Execute File Exploit Vendor: Idera Inc. Product web page: http://www.uptimesoftware.com Affected version: 7.5.0 build 16 and 7.4.0 build 13 Summary: The next-generation of IT monitoring software. Desc: up.time suffers...

Seagate Central Remote Root

!/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this is to log into it's ftp server and upload a php shell to th...

Seagate Central Remote Root Exploit

Seagate Central by default has a passwordless root account and no option to change it. This exploit logs into the ftp server and uploads a php shell to the webroot. From there, the uploaded shell can execute commands with root privileges as lighttpd. !/usr/bin/python seagateftpremoteroot.py Seaga...

Seagate Central 2014.0410.0026-F - Remote Command Execution

!/usr/bin/python seagateftpremoteroot.py Seagate Central Remote Root Exploit Jeremy Brown jbrown3264/gmail May 2015 -Synopsis- Seagate Central by default has a passwordless root account and no option to change it. One way to exploit this is to log into it's ftp server and upload a php shell to th...

Wolf CMS 0.8.2 - Arbitrary File Upload

Wolf CMS 0.8.2 - Arbitrary File Upload ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Wolf CMS...

WordPress Windows Desktop And iPhone Photo Uploader File Upload

Exploit Title : Wordpress plugin Windows Desktop and iPhone Photo Uploader arbitrary file upload vulnerbility Author : Manish Kishan Tanwar AKA error1046 Home Page : https://wordpress.org/plugins/i-dump-iphone-to-wordpress-photo-uploader/ Download Link :...

WordPress Plugin Windows Desktop and iPhone Photo Uploader - Arbitrary File Upload

Exploit Title : Wordpress plugin Windows Desktop and iPhone Photo Uploader arbitrary file upload vulnerbility Author : Manish Kishan Tanwar AKA error1046 Home Page : https://wordpress.org/plugins/i-dump-iphone-to-wordpress-photo-uploader/ Download Link :...

帝友P2C借贷系统前台getshell#1

简要描述： 帝友P2C借贷系统前台getshell1 详细说明： 这次是帝友公司旗下出的另一套电子商务cms 不是帝友p2p！ 官方最新版本是 帝友P2C借贷系统V1.01 上传头像处存在getshell 已官方演示站做演示 已注册账号，账号密码都是test1a 访问 http://p2c.diyou.cc/?user&m=approve/safe 上传头像，抓包 修改数据包，插入一句话木马，修改后缀为php后缀 虽然回显500，但是phpshell已经上传了 dyupfiles/avatar/diyou/用户id.php 得到...

Incom CMS SQL Injection

Exploit Title: Incom Cms Admin Bypass Vulnerability Google Dork: intext:"incom cms" . intext:"site by overron" . intitle:"INCOM CMS" Date: 2014-12-29 Exploit Author: Xodiak Vendor Homepage: http://facebook.com/xodiakbalckhat Software Link: http://incomcms.com Version: All Version Tested on: Kali ...

IceHrm 7.1 LFI / CSRF / XSS / Shell Upload

IceHrm =7.1 Multiple Vulnerabilities Vendor: IceHRM Product web page: http://www.icehrm.com Affected version: = 7.1 Summary: IceHrm is Human Resource Management web software for small and medium sized organizations. The software is written in PHP. It has community free, commercial and hosted...

Slider Revolution/Showbiz Pro Shell Upload Exploit

Exploit for php platform in category web applications !/usr/bin/perl Title: Slider Revolution/Showbiz Pro shell upload exploit Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: 15 October 2014 Coded: 15 October 2014 Updated: 25 November 2014 Published: 25 November 2014 MorXploit...

Immunity Canvas: CVE_2014_5460

Name| CVE20145460 ---|--- CVE| CVE-2014-5460 Exploit Pack| CANVAS Description| CVE-2014-5460 Notes| CVE Name: CVE-2014-5460 VENDOR: Tribulant Changelog: https://wordpress.org/plugins/slideshow-gallery/changelog/ Notes: If the Suhosin-Patch is installed typically announced in the PHP banner the...

Ukora CMS Shell Upload vulnerability

Ukora CMS suffers from a remote shell upload vulnerability. Exploit Title : Ukora CMS Shell Upload vulnerability Author : Jagriti Sahu AKA incredible Vendor : http://ukora.com Download Link : https://github.com/baskuis/ukoracms version affected : all Date : 23/07/2014 Discovered at : IndiShell La...

WordPress CopySafe PDF Protection 0.6 Shell Upload

Exploit Title : Wordpress Plugin CopySafe PDF Protection Shell Upload vulnerability Author : Jagriti Sahu Download Link : http://wordpress.org/support/plugin/wp-copysafe-pdf version affected : 0.6 and below Date : 14/07/2014 Discovered at : IndiShell Lab Love to : Surbhi, Mradula and Harry...

C99Shell (Web Shell) - 'c99.php' Authentication Bypass

Exploit Title: C99 Shell Authentication Bypass via Backdoor Google Dork: inurl:c99.php Date: June 23, 2014 Exploit Author: mandatory Matthew Bryant Vendor Homepage: http://ccteam.ru/ Software Link: https://www.google.com/ Version: ", " ", $donatedhtml; header"WWW-Authenticate: Basic...

C99Shell (Web Shell) - c99.php Authentication Bypass

C99Shell Web Shell - c99.php Authentication Bypass Exploit Title: C99 Shell Authentication Bypass via Backdoor Google Dork: inurl:c99.php Date: June 23, 2014 Exploit Author: mandatory Matthew Bryant Vendor Homepage: http://ccteam.ru/ Software Link: https://www.google.com/ Version: ", " ",...

C99.php Shell Authentication Bypass

Exploit Title: C99 Shell Authentication Bypass via Backdoor Google Dork: inurl:c99.php Date: June 23, 2014 Exploit Author: mandatory Matthew Bryant Vendor Homepage: http://ccteam.ru/ Software Link: https://www.google.com/ Version: ", " ", $donatedhtml; header"WWW-Authenticate: Basic...

Atom CMS Shell Upload / SQL Injection / Bypass Vulnerabilities

Atom CMS suffers from remote shell upload and remote SQL injection vulnerabilities. Exploit Title : Atom CMS SQL Injection and file upload vulnerability Author : Jagriti Sahu Vendor : https://github.com/thedigicraft/Atom.CMS Date : 07/07/2014 Discovered at : IndiShell Lab Love to : Surbhi, Mradul...

Atom CMS Shell Upload / SQL Injection

Exploit Title : Atom CMS SQL Injection and file upload vulnerability Author : Jagriti Sahu Vendor : https://github.com/thedigicraft/Atom.CMS Date : 07/07/2014 Discovered at : IndiShell Lab Love to : Surbhi, Mradula and Harry //////////////////////// /// Overview: //////////////////////// Atom CMS...