257 matches found
phpShop <= 0.8.1 - Remote SQL injection / Filter Bypass Vulnerabilities
No description provided by source. Vendor : PHPShop Webiste : http://www.phpshop.org Version : v0.8.1 Author: the redc0ders / theredc0dersatgmaildotcom Condition: magicquotegpc = off , in php.ini setting Details : ========== Vulnerable Code in index.php near lines 98 - 128 code // basic SQL injec...
Pre News Manager <= 1.0 (index.php id) SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV97$2008 ----------------------------------------------------------------------------------------- ECHOADV97$2008 Pre News Manager = 1.0 index.php id Sql Injection...
Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability
========================================================= ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php"; $theme isn't declared, so you can include any file...
unclassified newsboard 1.6.4 - Multiple Vulnerabilities
No description provided by source. Author girex Homepage girex.altervista.org Date 31/05/2009 CMS Unclassified NewsBoard 1.6.4 and maybe lower Dork This board is powered by the Unclassified NewsBoard software, 1.6.4 Multiple remote vulnerabilities 1 Remote SQL Injection php.ini regardless 2 Logs...
flatnux 2009-03-27 (upload/id) Multiple Vulnerabilities
No description provided by source. Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: 10 File:...
ProfileCMS <= 1.0 (id) Remote SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV84$2007 ----------------------------------------------------------------------------------------- ECHOADV84$2007 ProfileCMS = 1.0 Remote SQL Injection Vulnerability...
Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV94$2008 ----------------------------------------------------------------------------------------- ECHOADV94$2008 Kmita Mail = 3.0 file Remote File Inclusion Vulnerability...
PHP CGI Argument Injection
No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit...
Online Rental Property Script <= 4.5 (pid) SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV91$2008 ----------------------------------------------------------------------------------------- ECHOADV91$2008 Online Rental Property Script = 4.5 pid Blind Sql Injection...
Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability
No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz + D.Scrpit:http://webfwlog.sourceforge.net/...
N`CMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit
No description provided by source. !/usr/bin/python INFORMATION Exploit Title: NCMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit Date: 11/3/2011 Software link: http://bit.ly/eJAyw5 Tested on: Linux bt Version: 1.1E PHP.ini Settings: gpcmagicquotes = Off Note: The web application was luc...
NetRisk <= 2.0 (XSS/SQL Injection) Remote Vulnerabilities
No description provided by source. ----------------------------------------------------------------- NetRisk = 2.0 XSS/SQL Injection Remote Vulnerabilities ----------------------------------------------------------------- Discovered By StAkeR aka athos Download On...
Jieqi CMS <= 1.5 - Remote Code Execution Exploit
No description provided by source. ?php printr' +---------------------------------------------------------------------------+ Jieqi cms = 1.5 remote code execution exploit by Securitylab.ir mail: [email protected] +---------------------------------------------------------------------------+ '; ...
Prozilla Hosting Index (directory.php cat_id) - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV88$2008 ----------------------------------------------------------------------------------------- ECHOADV88$2008 Prozilla Hosting Index directory.php catid Blind Sql...
PostNuke Module pnEncyclopedia <= 0.2.0 - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV90$2008 ----------------------------------------------------------------------------------------- ECHOADV90$2008 PostNuke Module pnEncyclopedia = 0.2.0 id Blind Sql Injection...
My Little Forum <= 1.5 (searchstring) SQL Injection Exploit
No description provided by source. ?php mlfexpl.php My Little Forum 1.5 possibly prior versions SQL Injection / MD5 password hash disclosure poc exploit with proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script:...
Family Connections CMS 2.5.0 & 2.7.1 - (less.php) Remote Command Execution
No description provided by source. ?php / Family connections CMS v2.5.0-v2.7.1 remote command execution exploit vendor: https://www.familycms.com/ software link: https://www.familycms.com/download.php author: mrme::rwx kru email: steventhomasseeley!gmail!com ----------------------------------...
PHP Director <= 0.21 (sql into outfile) eval() Injection Exploit
No description provided by source. include stdio.h include stdlib.h include string.h include netinet/in.h include arpa/inet.h include netdb.h / Dork Powered by PHP Director 0.2 | PHP Director 0.2.1 sql into outfile eval Injection Exploit | Exploit-...
Kmita Tellfriend <= 2.0 (file) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV93$2008 ----------------------------------------------------------------------------------------- ECHOADV93$2008 Kmita Tellfriend = 2.0 file Remote File Inclusion...
AzDGDatingLite <= 2.1.3 - Remote Code Execution Exploit
No description provided by source. ?php azdgexpl.php AzDGDatingLite V 2.1.3 possibly prior versions remote code execution with generic http proxy support by rgod site: http://rgod.altervista.org make these changes in php.ini if you have troubles to launch this script: allowcalltimepassreference =...