737 matches found
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
Exploit for php platform in category web applications ================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Teste...
b2ePMS 1.0 multiple SQLi Vulnerabilities
Exploit for php platform in category web applications Title: b2ePMS 1.0 multiple SQLi Vulnerabilities Version: 1.0 Author/Found by: loneferret Manifacturer/Software link: https://developer.berlios.de/projects/b2epms/ Other vulnerability: http://www.exploit-db.com/exploits/18882/ Date found: May...
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Tested: php.ini MAGICQUOTESGPC OFF Safe mode off / OS:...
Feifei television systems PHP version v1. 9 injection exploit-vulnerability warning-the black bar safety net
Article author: honglousy Yesterday the whole hacking Forum next station on the program, found that people also really many. Simply write the exp. Boring as... ? php / Fly fly video management system SQL injection Feifei television systems PHP version v1. 9 injection exploit by:www.08sec.com fans...
PHPCollab 2.5 Unauthenticated Access
Date: 3/5/2012 Author: team ' and 1=1-- Software Link: http://www.phpcollab.com/ Version: 2.5 Vulnerability was found during the AthCon IT Security Conference CTF CTF organizer: echothrust We identified that the PhpCollab application installed under http://192.0.0.2/phpcollab/ allows the...
PHP version 5.4.3 code execution exploit for Win32
No description provided by source. // Exploit Title: PHP 5.4 5.4.3 Code Execution 0day Win32 // Exploit author: 0in Maksymilian Motyl // Email: 0indotemailatgmail.com // Bug with Variant type parsing originally discovered by Condis // Tested on Windows XP SP3 fully patched Polish...
PHP 5.3.x < 5.3.13 CGI Query String Code Execution
According to its banner, the version of PHP installed on the remote host is 5.3.x earlier than 5.3.13 and, as such, is potentially affected by a remote code execution and information disclosure vulnerability. The fix for CVE-2012-1823 does not completely correct the CGI query vulnerability...
opencart 1.5.2.1 - Multiple Vulnerabilities
opencart 1.5.2.1 - Multiple Vulnerabilities Author: Janek Vind "waraxe" Date: 06. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-84.html Description of vulnerable software: OpenCart is a turn-key ready "out of the box" shopping cart solution. You simply install, select you...
opencart 1.5.2.1 - Multiple Vulnerabilities
Author: Janek Vind "waraxe" Date: 06. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-84.html Description of vulnerable software: OpenCart is a turn-key ready "out of the box" shopping cart solution. You simply install, select your template, add products and your ready to...
MySQLDumper 1.24.4 Multiple Vulnerabilities
Exploit for php platform in category web applications ================================================================================================ Vulnerable Software: MySQLDumper Version 1.24.4 Downloaded from: http://sourceforge.net/projects/mysqldumper/files/ MD5 SUM:...
Seditio Build 161 Cross Site Scripting / Information Disclosure
========================================================== Vulnerable Software: seditio-build161 ========================================================== Downloaded from:http://neocrome.net/page.php?id=2447&a=dl md5sum sed.rar aad96010a15f0c38e5cc321f8a91dd1b seditio-build161.rar...
phpMoneyBooks 1.0.2 Local File Inclusion
Exploit for php platform in category web applications 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - email protected I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...
Toenda CMS 1.6.2 Osaka Stable Local File Inclusion
============TOENDA CMS 1.6.2 OSAKA "STABLE" MULTIPLE VULNERABILITIES============ Vulnerable Software: toendaCMS1.6.2OsakaStable Developed by: http://www.toendacms.org/index.php/en/open/download.html toenda.com http://www.toendacms.org/index.php/en/open/download.html Downloaded from:...
PHP 5.3.9 'php_register_variable_ex()' Code Execution (intrusive check)
The remote host is running a version of PHP that is affected by an arbitrary code execution vulnerability. Specifically, the fix for the hash collision denial of service vulnerability CVE-2011-4885 introduces a remote code execution vulnerability in the function 'phpregistervariableex' in the fil...
CVE-2012-0057
PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension...
PHP < 5.3.9 Multiple Vulnerabilities
Binary data 6263.prm...
PHP Version 5 Hash Collision Form Parameter Parsing Remote DoS
Binary data php5hashcollisiondos.nbin...
Code injection
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service CPU consumption by sending many crafted parameters...
PHP 5.1.x < 5.1.5 Multiple Vulnerabilities
According to its banner, the version of PHP 5.x installed on the remote host is older than 5.1.5. Such versions may be affected by the following vulnerabilities : - The c-client library 2000, 2001, or 2004 for PHP does not check the safemode or openbasedir functions. CVE-2006-1017 - A buffer...
UBUNTU-CVE-2011-4078
include/iniset.php in Roundcube Webmail 0.5.4 and earlier, when PHP 5.3.7 or 5.3.8 is used, allows remote attackers to trigger a GET request for an arbitrary URL, and cause a denial of service resource consumption and inbox outage, via a Subject header containing only a URL, a related issue to...