669 matches found
Escort und Begleitservice Agentur Script SQL Injection Vulnerability
No description provided by source...
Brian Stanback bsguest.cgi 1.0 - Remote Command Execution Vulnerability
Source: http://www.securityfocus.com/bid/2159/info An input validation vulnerability exists in Brian Stanback's bsguest.cgi, a script designed to coordinate guestbook submissions from website visitors. The script fails to properly filter ';' characters from the...
Job Site 1.0 - Multiple Vulnerabilities
Jobsite logo - Multiple Vulnerabilities .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script : http://sourceforge.net/projects/jobfinder/...
CVE-2013-5587
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.13, when MakeClicky is configured, allows remote attackers to inject arbitrary web script or HTML via a URL in a ticket. NOTE: this issue has been SPLIT from CVE-2013-3371 due to different affected versions...
Haraj Script Stored XSS and File Upload Vulnerability
You can upload file and make come XSS code at once, in famous Arabic PHP script Haraj script. 1: first enter to site of our target, and signup in the target site. 2: go to HTTP://TARGET.COM/home/add/ or HTTP://TARGET.COM/homeadd.html or or...
Kloxo 6.1.6 - Local Privilege Escalation
Exploit for linux platform in category local exploits LXLABS=cat /etc/passwd | grep lxlabs | cut -d: -f3 export MUID=$LXLABS export GID=$LXLABS export TARGET=/bin/sh export CHECKGID=0 export NONRESIDENT=1 echo "unset HISTFILE HISTSAVE PROMPTCOMMAND TMOUT" /tmp/w00trc echo "/usr/sbin/lxrestart...
CVE-2012-3327
CVE-2012-3327 describes a cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management (versions 6.2–7.5), Maximo Asset Management Essentials (6.2–7.5), Tivoli Asset Management for IT (6.2–7.2), Tivoli Service Request Manager (7.1–7.2), Maximo Service Desk (6.2), CCMDB (7.1–7.2), and S...
E Sms Script - Multiple SQL Injections
E SMS Script Multiple SQL Injection Vulnerability By cr4wl3r http://bastardlabs.info http://bastardlabs.info/exploits/ESMSScript.txt Good Music: http://goo.gl/TLkEs : Script: http://www.esmsscript.com/index.php?option=comcontent&view=article&id=22&Itemid=41 Dork: inurl:"smscollection.php?catid="...
Perl script jsupload.cgi.pl 0.6.4 Directory Traversal
jsupload.cgi.pl versions 0.6.4 and below suffer from a directory traversal vulnerability. Directory traversal vulnerabilities in jsupload.cgi.pl version 0.6.4 and before 29 November 2012...
Sava’s Simple Upload Script / Delete Arbitrary File
Exploit for php platform in category web applications Exploit Title: Sava’s Simple Upload Script / Delete Arbitrary File Date: 03/07/2012 Author: Daniel Godoy Author Mail: DanielGodoyatGobiernoFederaldotcom Author Web: www.delincuentedigital.com.ar Software web:...
Wordpress custom-background plugin file upload vulnerability
Exploit for php platform in category web applications Exploit Title: wordpress custom-background plugin file upload vulnerability Google Dork: inurl:/wp-content/plugins/custom-background Date: 10/06/2012 Author: Tunisian...
CVE-2010-4955
SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2006-3078...
CVE-2011-3864
Cross-site scripting (XSS) vulnerability in the The Erudite theme before 2.7.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cpage parameter...
bash security update
CentOS Errata and Security Advisory CESA-2011:1073 An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common...
Persian Sharetronix Portal Source Code Disclosure
Persian Sharetronix portal Remote Source Code Disclosure Vulnerability found by : kurdish hackers team group : kurd-team contact : [email protected] site : kurdteam.org...
RHEL 5 : bash (RHSA-2011:1073)
An updated bash package that fixes one security issue, several bugs, and adds one enhancement is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives...
CVE-2011-2754
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Arbitrary file deletion
The configure script in D-Bus (aka DBus) 1.2.x before 1.2.28 allows local users to overwrite arbitrary files via a symlink attack on an unspecified file in /tmp/...
Built2Go PHP Shopping - SQL Injection
Script Name: Built2Go PHP Shopping version = 1.7 Site: http://built2go.com/ Script Demo: http://demos.built2go.com/shopping/1/ Found: Br0ly Google Dork: "Powered by Built2Go PHP Shopping" p0c: http://server.com/product.php?cat=16'%20UNION%20ALL%20SELECT%201,@@version,3/ xPloit:...
Microsoft Internet Explorer local file reading and detection vulnerability
Microsoft IE has some problems in its handling of local file access which, combined with Microsoft Windows characteristics, may make it possible to read certain special local files that may have other uses. As the browser inevitably has to deal with cross-domain resource access issues, then t...