80 matches found
EUVD-2005-3024
Malware in sbrugna...
EUVD-2017-5630
Malware in sbrugna...
Malicious code in limit-order-validation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a7ad6cba9faf323fb0ffae19f703ba40944f39673b2e8803037d19ff0990671f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2021-37608 Arbitrary file upload vulnerability in OFBiz
Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands. This issue affects Apache OFBiz version 17.12.07 and prior versions. Upgrade to at least 17.12.08 or apply patches at https://issues.apache.org/jira/browse/OFBIZ-12297...
PHP-Stats <= 0.1.9.1 - Remote Commands Execution Exploit
No description provided by source. ?php ---phpstats0191xpl.php 04/03/2006 4.53.41 PHP-Stats = 0.1.9.1 optionadminpass overwrite / / remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works regardless of magicquotesgpc settings... usage: launch from Apache, fill...
Zen Cart <= 1.2.6d (password_forgotten.php) SQL Injection Exploit
No description provided by source. ?php ---zencart126dxpl.php 19.42 02/12/2005 Zen-Cart = 1.2.6d blind SQL injection / remote commands execution coded by rgod site: http://rgod.altervista.org - this works with magicquotesgpc both on & off usage: launch from Apache, fill in requested fields, then...
CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit
No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...
PHPX 3.5.x Admin Login.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15680/info PHPX is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could result ...
PHPWebThings <= 1.4 (msg/forum) SQL Injection Exploit
No description provided by source. ?php ---phpwebth14xpl.php 10.47 16/11/2005 PHPWebThings 1.4 msg and forum SQL injection / Administrative credentials disclosure and remote commands execution coded by rgod site: http://rgod.altervista.org based on http://secunia.com/advisories/17410/, but here w...
EnterpriseGS <= 1.0 rc4 Remote Commands Execution Exploit
No description provided by source. ?php ---egs10rc4php5inclxpl.php 17.57 13/02/2006 EGS Enterprise Groupware System =1.0 rc4 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5 usage: launch from Apache, fill in requested fields, then go!...
phpDocumentor <= 1.3.0 rc4 Remote Commands Execution Exploit
No description provided by source. ?php ---phpdocu130rc4inclxpl.php 13.06 29/12/2005 PhpDocumentor = 1.3.0 rc4 remote commands execution coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: Confront your soldiers with the deed itsel...
Moodle <= 1.6dev SQL Injection / Command Execution Exploit
No description provided by source. ?php moodle16devxpl.php 4.19 10/11/2005 Moodle = 1.6dev get record SQL injection / / remote commands execution by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in requested fields, then go! make these changes in php.ini if you have troubl...
DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit
No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...
GuppY <= 4.5.16 Remote Commands Execution Exploit
No description provided by source...
Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
No description provided by source. ?php if magicquotesgpc is off you can inject arbitrary php code from rgod /str0ke ---guppy459xpl.php 17.30 28/11/2005 Guppy =4.5.9 SERVERREMOTEADDR overwrite / remote commands xctn coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in...
X7 Chat <= 2.0 (help_file) Remote Commands Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo X7 Chat =2.0 \helpfile\ arbitrary local inclusion\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo - works regardless of magicquotesgpc settings\r\n; echo if avatar uploads a...
PHP 4.x/5.0.x File Upload GLOBAL Variable Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15250/info PHP is prone to a vulnerability that allows attackers to overwrite the GLOBAL variable via HTTP POST requests. By exploiting this issue, remote attackers may be able to overwrite the GLOBAL variable. This may...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHPWebSite = 0.10.2 remote cmmnds xctn\r\n; echo - arbitrary local inclusion, works with magicquotesgpc = Off\r\n; echo by rgod, mail: [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; if $argc4...
PHPKIT <= 1.6.1R2 (filecheck) Remote Commands Execution Exploit
No description provided by source. ?php ---PHPKIT161r2inclxpl.php 4.27 16/02/2006 PHPKIT = 1.6.1R2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works with allowurlfopen = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: All men ca...
CVE-2010-5026
SQL injection vulnerability in winners.php in Science Fair In A Box SFIAB 2.0.6 and 2.2.0 allows remote attackers to execute arbitrary SQL commands via the type parameter. NOTE: some of these details are obtained from third party information...