950 matches found
BuyClassifiedScript - PHP Code Injection
Exploit Title: buyclassifiedscript PHP code injection vulnerability Date: 25.11.201 Exploit Author: d3b4g Vendor Homepage: http://buyclassifiedscript.com/ Tested on:Windows 7 Blog: d3b4g.me ---------------------------------------------------------------------------------- This vulnerability allow...
CVE-2012-5223
The procdeutf function in includes/functionsvbseocpabstract.php in vBSEO 3.5.0, 3.5.1, 3.5.2, 3.6.0, and earlier allows remote attackers to insert and execute arbitrary PHP code via "complex curly syntax" in the charrepl parameter, which is inserted into a regular expression that is processed by...
ecshop remote code execution vulnerability-vulnerability warning-the black bar safety net
Php code injection Target:http://www. cunlide. com/may is the author of the website ecshop version ominous seems 0 9 awvs sweep of the presence ofsql injection, php code injection, etc. a variety of vulnerabilities. Start test a variety of exp to no avail Php code injection requires a post to...
Am4ss 1.2 PHP Code Injection
10/2011 , Vulnerability discovered till now , i haven't reported the vendor , why!!! The idiot backdoored it by himself + the official site is fucked up ; 19/07/2012 , Public Disclosured C:\labphp am4ss.php localhost /lab/am4ss/ +---------------------------------------+ | Am4SS , PHP Code Injecti...
am4ss Support System 1.2 - PHP Code Injection
am4ss Support System 1.2 - PHP Code Injection 10/2011 , Vulnerability discovered till now , i haven't reported the vendor , why!!! The idiot backdoored it by himself + the official site is fucked up ; 19/07/2012 , Public Disclosured C:\labphp am4ss.php localhost /lab/am4ss/...
Log1 CMS writeInfo() PHP Code Injection
Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Symantec Web Gateway 5.0.2.8 Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
Exploit for php platform in category web applications ================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Teste...
AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal
================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Tested: php.ini MAGICQUOTESGPC OFF Safe mode off / OS:...
Small-Cms - hostname Remote PHP Code Injection
Small-Cms - hostname Remote PHP Code Injection source: https://www.securityfocus.com/bid/53703/info Small-Cms is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the webserver process. This may...
phpList 2.10.9 - 'Sajax.php' PHP Code Injection
source: https://www.securityfocus.com/bid/53693/info PHPList is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and the...
WeBid converter.php Remote PHP Code Injection
This module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution. This module requires Metasploit:...
Active Collab 'chat module' < 2.3.8 - Remote PHP Code Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Active Collab "chat module" %q This...
SilverStripe CMS 2.4.7 - 'install.php' PHP Code Injection
source: https://www.securityfocus.com/bid/53282/info SilverStripe is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the affected application. This may facilitate a compromise of the application and...
WebCalendar <= 1.2.4 Multiple Vulnerabilities - Active Check
WebCalendar is prone to multiple input validation vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
WebCalendar 1.2.4 - Remote Code Execution
WebCalendar 1.2.4 - Remote Code Execution ?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Executionn Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka...
swDesk Multiple Input Validation Vulnerabilities
swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the context of the affected site,...
swDesk Multiple Input Validation Vulnerabilities
swDesk is prone to the following vulnerabilities: 1. An arbitrary file-upload vulnerability. 2. Multiple cross-site scripting vulnerabilities. 3. Multiple PHP code-injection vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced...
swDesk Shell Upload / Code Injection / XSS
Title : swDesk Multi Vulnerability Author : Red Security TEAM Date : 01/02/2012 Risk : High Vendor : http://www.swdesk.com/ Demo : http://www.swdesk.com/demo/swdesk/ Tested On : Apache Contact : Info 4t RedSecurity d0t COM Home : http://RedSecurity.COM Exploit : I. Arbitrary File Upload...
swDesk Multi Vulnerability
Exploit for php platform in category web applications Title : swDesk Multi Vulnerability Author : Red Security TEAM Date : 01/02/2012 Risk : High Vendor : http://www.swdesk.com/ Tested On : Apache Contact : Info 4t RedSecurity d0t COM Home : http://RedSecurity.COM Exploit : I. Arbitrary File Uplo...