Netref 4.0 Multiple Remote SQL Injection Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Netref 4.0 Multiple Remote SQL Injection Vulnerabilities ======================================================== Netref 4.0 Remote SQL Injection Vulnerability...

Netref 4.0 - Multiple SQL Injections

Netref 4.0 - Multiple SQL Injections SuB-ZeRo Dz-hackers Netref 4.0 Remote SQL Injection Vulnerability ----------------------------------------------------------------------------------------------------------- +Discovred by : SuB-ZeRo +Vendor URL : www.netref.net +downloader :...

fuzzylime303-lfi.txt

/ --+---=+--==+++++ -- FuzzyLime 3.03 Local File Iclude PoC -0- -======+++++---'''' -- Vuln - code/track.php $m = $GETm; $p = $GETp; //1 include "settings.inc.php"; if!isset$POSTurl || !isset$POSTtitle || !isset$POSTexcerpt //2 header"Location: $rooturlindex.php?s=news&p=$p&m=$m"; else...

ToursManager (tourview.php tourid) Blind SQL Injection Vulnerability

No description provided by source. Name:-- ToursManager PhP Script = Blind Sql Injection Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |:...

toursmanager-blindsql.txt

Name:-- ToursManager PhP Script Discovered by:-- XaDoS ContacT m&:-- xadosathotmail.it Site:-- http://www.toursmanager.com ■ £XpLoIT: |: http://www.demosite.com/tourview.php?tourid=2%20and%201=1-- true |: http://www.demosite.com/tourview.php?tourid=2%20and%201=0-- false Version: |:...

Aj Classifieds - Authentication Bypass

Aj Classifieds - Authentication Bypass ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...

YourFreeWorld Short Url & Url Tracker - SQL Injection

Short Url & Url Tracker id Remote SQL Injection Vulnerability Author: Hussin X Home : www.IQ-TY.com & www.TrYaG.cc script : http://www.yourfreeworld.com/script/shorturl.php DorK : inurl:"tr.php?id=" Short Url & Url Tracker Exploit :...

elkagroup-sql.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= elkagroup Image Gallery v1.0 view.php cid Remote SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Script: Image Gallery v1.0 Language: PHP...

zubrag-upload.txt

//Title - Zubrag Uploader 1.0 Arbitrary Shell Upload Vulnerability //Vendor - zubrag.com/scripts/file-upload-form.php //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. The script attempts to hide the...

NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability

No description provided by source. //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2...

CuteNews search.php Cross-Site Scripting Vulnerability

The remote web server contains a PHP script that is affected by a cross-site scripting issue. The version of Cutenews installed on the remote host fails to sanitize input to the SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are...

nept-upload.txt

//Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2. Select it for upload, and tamperdata t...

Cutenews search.php Cross-Site Scripting Vulnerability

The remote web server contains a PHP script that is affected by a cross-site scripting issue. Description: The version of Cutenews installed on the remote host fails to sanitize input to the 'search.php' script before using it to generate dynamic HTML to be returned to the user. An unauthenticate...

NEPT Image Uploader 1.0 - Arbitrary File Upload

//Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for upload 2. Select it for upload, and tamperdata t...

Etomite CMS id Parameter SQL Injection

The remote web server contains a PHP script that is affected by a SQL injection vulnerability. Description: The remote web server is running Etomite CMS, a PHP-based content management system. The version of Etomite CMS installed on the remote host fails to sanitize input to the...

NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability

Exploit for unknown platform in category web applications ============================================================ NEPT Image Uploader 1.0 Arbitrary Shell Upload Vulnerability ============================================================ //Title - NEPT Image Uploader shell upload //Vendor -...

NEPT Image Uploader 1.0 - Arbitrary File Upload

NEPT Image Uploader 1.0 - Arbitrary File Upload //Title - NEPT Image Uploader shell upload //Vendor - newearthpt.freehostia.com //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. 1. Select a php file for...

Admbook PHP Code Injection Flaw

The remote web server contains a PHP script that allows arbitrary code injection. Description : The remote host is running AdmBook, a PHP-based guestbook. The remote version of this software is prone to remote PHP code injection due to a lack of sanitization of the HTTP header 'X-Forwarded-For'...

Segue CMS themesdir Parameter Remote File Include Vulnerability

The remote web server contains a PHP script that is affected by a remote file include issue. Description: The remote web server is running Segue CMS, an open source content management system tailored for educational institutions. The version of Segue CMS installed on the remote host fails to...

Full PHP Emlak Script (arsaprint.php id) SQL Injection Vulnerability

No description provided by source. || | | Full PHP Emlak Script arsaprint.php id Remote SQL Injection Vulnerability | | |-------------------- Hussin X -------------------| | | Author: Hussin X | | Home : WwW.IQ-ty.CoM | | email: darkangelg85atYahooDoTcom | | | | | | | | script :...