Dotclear 2.6.2 Multiple Vulnerability

Dotclear versions 2.6.2 and below suffer from a remote SQL injection, remote shell upload Dotclear 2.6.2 SQL Injection Vulnerability - Affected Versions: Version 2.6.2 and probably prior versions. - Vulnerability Description: The vulnerable code is located in /admin/categories.php: 70. Update ord...

MediaWiki thumb.php page Parameter Remote Shell Command Injection

MediaWiki contains a flaw that is due to the program failing to properly sanitize input passed via the "page" parameter in the thumb.php script. This may allow a remote attack to inject arbitrary shell commands. Vulnerability Type: Remote Command Execution For the exploit source code contact...

plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak

plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execu...

plexusCMS 0.5 - Cross-Site Scripting / Remote Shell / Credentials Leak

Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execute backdoor commands.txt list of useful commands for owning remote...

WordPress Amerisale-Re Remote Shell Upload

Exploit Title : Wordpress amerisale-re Remote Shell Upload Exploit Author : T3rm!nat0r5 Vendor Homepage : http://wordpress.org/ Google Dork : inurl:/wp-content/plugins/amerisale-re Date : 2014/01/30 Tested on : Windows 8 , Linux This module requires Metasploit: http//metasploit.com/download Curre...

haneWIN DNS Server 1.5.3 - Remote Buffer Overflow (SEH)

!/usr/bin/python Exploit Title: haneWIN DNS Server SEH Author: Dario Estrada dash https://intrusionlabs.org Date: 2014-01-29 Version: haneWIN DNS Server 1.5.3 Vendor Homepage: http://www.hanewin.net/ Vulnerable app link:http://www.hanewin.net/dns-e.htm Tested on: Windows XP SP3 Thanks to God, to ...

Two-year-old vulnerability in JBoss Application Servers enables Remote Shell for Hackers

Cyber security of many organizations being attacked at an extremely high rate this month, well another alarming cyber crime report become public today. A widely unpatched and two years old critical vulnerability in JBoss Application Server AS that enable an attacker to remotely get a shell on a...

Two-year-old vulnerability in JBoss Application Servers enables Remote Shell for Hackers

Cyber security of many organizations being attacked at an extremely high rate this month, well another alarming cyber crime report become public today. A widely unpatched and two years old critical vulnerability in JBoss Application Server AS that enable an attacker to remotely get a shell on a...

JBoss AS Attacks Up Since Exploit Code Disclosed

Attackers are exploiting a two-year-old vulnerability in JBoss Application Servers that enables a hacker to remotely get a shell on a vulnerable webserver. The number of infections has surged since exploit code called pwn.jsp was publicly disclosed Oct. 4. Researchers at Imperva said that a numbe...

w-CMS 2.0.1 - Remote Code Execution

Exploit Title: w-CMS 2.0.1 Remote Code Execution Vulnerability Google Dork: intext:"Powered by w-CMS" Date: 15/08/2013 Exploit Author: ICheerNo0M - http://icheernoom.blogspot.com/ Vendor Homepage: http://w-cms.org/ Software Link: - Version: 2.0.1 Tested on: Windows 7 + PHP 5.2.6 --- Vuln Code :...

FunGamez Remote Shell Upload

FunGamez Remote File Upload Vulnerability Brought to you by cr4wl3r http://bastardlabs.info Software Link: http://sourceforge.net/projects/fg-gsm/?source=dlp Tested: Linux, Windows ----------------------------------------------- Source FunGamez/admin/modules/game.php .......... 135 And your shell...

Atomymaxsite Shell Upload

Exploit Title: ATOMYMAXSITE CMS Remote Shell Upload Vulnerability + Google Dork: "Powered by ATOMYMAXSITE" + Date: 30/06/2013 + Exploit Author: IranianDarkCodersTeam + Vendor Homepage: http://board.maxsitepro.com + Version: All Version 1.50 - 2.5 + Tested on: Windows 7 + Exploit: +...

Plesk hosting management software remote get shell 0day-vulnerability warning-the black bar safety net

6 month 5 days late, the Great God king cope in foreign countries well-known mailing list seclists burst Plesk latest remote exploit 0day and gives a perl version of the exp. On Plesk with: Plesk is a cross-platform host Management Control Panel software, is a server virtualization and automation...

IBM QRadar SIEM command injection vulnerability

Overview IBM QRadar SIEM software contains a command injection vulnerability that allows an authenticated user to execute operating system commands on the QRadar device. Description The IBM security bulletin for CVE-2013-2970 states:A command injection vulnerability has been discovered within the...

EasyPHP Webserver PHP Command Execution

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Belkin Wemo Arbitrary Firmware Upload

Exploit Title: Belkin Wemo Arbitrary Firmware Vulnerability Date: 4/3/13 Exploit Author: Daniel Buentello Vendor Homepage: http://www.belkin.com/us/wemo Version: Any version prior to WeMoUS2.00.2176.PVT CVE : CVE-2013-2748 Hello Im independently working with Mitre and Belkin on this matter so...

EasyPHP WebServer v.(all) <= Multiple Vulnerabilities

EasyPHP is Suffer from : + Auth Bypass + Remote Shell Injection / Remote Code Execute The Bug in EasyPHP WebServer Manager found because the PORTAL of Administration doesn't protected ! so just when you found the Admin-Portal - you can bypass the auth directly and remote attacker can get some...

Jieqi(Jackie)CMS V1. 6 PHP code execution 0day vulnerabilities EXP-vulnerability warning-the black bar safety net

Jackie website management system, referred to as the JIEQI CMS, China National copyright Bureau copyright registration number: 2006SR03382 is a modular site erected system with simple, flexible, superior performance, safe and reliable and other characteristics. We provide you with the current mos...

OpenEMR 4.1.1 Shell Upload

Exploit for php platform in category web applications ?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical...

OpenEMR 4.1.1 Shell Upload

?php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management application that can run on Windows,...