Sphider 1.4.3 Command Execution

=============================== sphider Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered By : Inj3ct0r + Site : Inj3ct0r.com + support e-mail : submitatinj3ct0r.com Username and...

eLinks SQL Injection / XSS / LFI

===================================================================== eLinks Vulnerabilities blind sql inj / xss / LFI by Inj3ct0r.com ===================================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ ...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/plugins/OnlineUsers/main.php in PageTree CMS 0.0.2 BETA 0001 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSPTConfigdirdata parameter...

CVE-2008-7067

The CVE-2008-7067 issue affects PageTree CMS 0.0.2 BETA 0001, where a PHP remote file inclusion is possible through the parameter GLOBALS[PT_Config][dir][data] in admin/plugins/Online_Users/main.php. This allows an attacker to execute arbitrary PHP code on the server. The vulnerability is evidenc...

CVE-2008-7073

PHP remote file inclusion vulnerability in lib/action/rss.php in RSS module 0.1 for Pie Web Ma,esher, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lib parameter...

GLSA-200908-09 : DokuWiki: Local file inclusion

The remote host is affected by the vulnerability described in GLSA-200908-09 DokuWiki: Local file inclusion girex reported that data from the 'configcascade' parameter in inc/init.php is not properly sanitized before being used. Impact : A remote attacker could exploit this vulnerability to execu...

CVE-2008-7005

include/modules/top/1-randomquote.php in Minb Is Not a Blog minb 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotestoedit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution...

Code injection

modules/tool/hitcounter.php in devalcms 1.4a allows remote attackers to execute arbitrary PHP code via the HTTP Referer header with a target file specified in the gvfolderdata parameter, as demonstrated by modifying modules/tool/url2header.php...

WAP-Motor 18.0 File Inclusion

=============================================================== Wap-motor Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered By : Inj3ct0r + Site : Inj3ct0r.com + support e-mail :...

CVE-2009-2852

WP-Syntax plugin 0.9.1 and earlier for Wordpress, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via the testfilterwphead array parameter to test/index.php, which is used in a call to the calluserfuncarray function...

CVE-2009-2852

WP-Syntax plugin 0.9.1 and earlier for Wordpress, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via the testfilterwphead array parameter to test/index.php, which is used in a call to the calluserfuncarray function...

BaBB 2.8 Code Injection

!usr/bin/python BaBB 2.8 Full Code Injection Exploit AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

WordPress WP-Syntax 0.9.1 Command Execution

============================================================ Wordpress Plugin WP-Syntax Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered By : Inj3ct0r + Site : Inj3ct0r.com +...

Ignition 1.2 (comment) Remote Code Injection Vulnerability

Exploit for unknown platform in category web applications ========================================================== Ignition 1.2 comment Remote Code Injection Vulnerability ========================================================== Ignition Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm...

Ignition 1.2 - comment Remote Code Injection

Ignition 1.2 - comment Remote Code Injection Ignition Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Downlo...

Ignition 1.2 - 'comment' Remote Code Injection

Ignition Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

Code injection

wap/index.php in Crossday Discuz! Board 6.x and 7.x allows remote authenticated users to execute arbitrary PHP code via the creditsformula parameter...

CVE-2008-6956

Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details are obtained from...

Code injection

Static code injection vulnerability in admin/admin.php in mxCamArchive 2.2 allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, which is executed by invocation of index.php. NOTE: some of these details are obtained from...

CVE-2008-6956

CVE-2008-6956 affects mxCamArchive 2.2 in the admin/admin.php component. It is a static code injection vulnerability that allows remote authenticated administrators to inject arbitrary PHP code into an unspecified program via the description parameter, with execution triggered by index.php. The C...