Link Request Contact Form 3.4 - Remote Code Execution Vulnerability

No description provided by source. -=--------------------ADVISORY-------------------=- Link Request Contact Form v3.4 Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: Link Request Contact Form -=+ Version: 3.4 -=+ Vendor's URL:...

FusionPHP Fusion News 3.3/3.6 X-ForwordedFor PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13661/info FusionPHP Fusion News is prone to a remote PHP code injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. This may facilitate unauthorized access. ...

Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection

No description provided by source. ------------------------------------------------------------------------- Tiki Wiki CMS Groupware = 8.2 snarfajax.php Remote PHP Code Injection ------------------------------------------------------------------------- author...........: Egidio Romano aka EgiX...

PAJAX <= 0.5.1 - Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; print PAJAX Remote Code Injection - code by: Stoney - exploit found by: RedTeam\n; if $ARGV0 && $ARGV1 $host = $ARGV0; $path = $ARGV1; $sock = IO::Socket::INET-new Proto = tcp, PeerAddr = $host, PeerPort = 80 || die connecterror\n;...

XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit

No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4...

Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection

No description provided by source. ?php / ---------------------------------------------------------------------------- Dolphin = 7.0.7 membermenuqueries.php Remote PHP Code Injection Exploit ---------------------------------------------------------------------------- author...............: EgiX...

CiviCRM for Joomla 4.2.2 - Remote Code Injection

No description provided by source. Exploit Title: joomla component comcivicrm remode code injection exploit Google Dork:Index of /joomla/administrator/components/comcivicrm/civicrm/packages/OpenFlashChart Date: 20/04/2013 Exploit Author: iskorpitx Vendor Homepage: http://civicrm.org Software Link...

txtForum 1.0.3/1.0.4 - Remote PHP Script Code Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17061/info txtForum is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are also possible. form...

Trixbox (endpoint_aastra.php, mac param) - Remote Code Injection

No description provided by source. App : Trixbox all versions vendor : trixbox.com Author : i-Hmx mail : [email protected] Home : security arrays inc , sec4ever.com ,exploit4arab.net Well well well , we decided to give schmoozecom a break and have a look @ fonality products do you think they have...

Eaton Network Shutdown Module <= 3.21 - Remote PHP Code Injection

No description provided by source. !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage Example: $ python eaton.py 192.168.1.9 net user User accounts for \...

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection

No description provided by source. $Id: phpldapadminqueryengine.rb 14060 2011-10-25 05:25:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

HostBill App 2.3 - Remote Code Injection Vulnerability

No description provided by source. =-=-=-=-=-=-=-=-=-=-=-=-=-=-In The Name Of Allah, The Most Beneficent, The Most Merciful-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tybe: suffering from RemotE injection php code Vendor:hostbillapp.com + Software:HostBill + Version : v2.3 + author:Dr.DaShE TEAM: Team...

123 Flash Chat 5.0 - Remote Code Injection Weakness

No description provided by source. source: http://www.securityfocus.com/bid/16360/info 123 Flash Chat is prone to an arbitrary code injection weakness. An attacker can influence the value of a variable that is insecurely passed to an 'eval' call. Successful exploitation may allow attackers to tak...

phpMyAdmin 2.5.7 - Remote code injection Exploit

No description provided by source. / phpmy-explt.c written by Nasir Simbolon nasir kecapi com eagle kecapi com Jakarta, Indonesia June, 10 2004 A phpMyAdmin-2.5.7 exploite program. This is a kind of mysql server wrapper acts like a proxy except that it will sends a fake table name, when client...

ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit

No description provided by source. ?/ File: shoutbox.php Affects: ShoutPro 1.5.2 may affect earlier versions Date: 17th April 2007 Issue Description: =========================================================================== ShoutPro 1.5.2 fails to fully sanitize user input $shout that it writes...

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Maxwebportal <= 1.36 password.asp Change Password Exploit (1 - html)

No description provided by source. !-- Hi, I'm Soroush Dalili from Grayhatz Security Group GSG . I found dangerous sql injection in Maxwebportal version 1.35,1.36,2.0, 20050418 Next Remote user can inject his/her code in memKey var. and change other users password in password.asp Exploit codes to...

Yarssr 0.2.2 GUI.PM Remote Code Injection Vulnerability

No description provided by source. source: www.securityfocus.com/bid/26273/info Yarssr is prone to a remote code-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to inject and execute arbitrary malicious Perl code with the...

PhpTax pfilez Parameter Exec Remote Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...