Cross site scripting

Cross-site scripting XSS vulnerability in the Commerce extension before 0.9.9 for TYPO3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Good subtle Bo system upload vulnerability-vulnerability warning-the black bar safety net

Good subtle Bo system using the upload program when it is submitted to verify the local path, causing the file name to determine the error upload 1. asp;xxx. jpg the special file name. Caused by IIS6. 0 parse error, thereby executing the asp script vulnerability. There is vulnerability file:...

Photo Sharing Script SQL Injection

Exploit Title: photo sharing script SQL injection Vulnerability Date: 24/06/2010 Author: JaMbA Script url: http://www.2daybiz.com/photosharingscript.html Version: N/A Tested on: Windows CVE : ::::::::::::::::::::::::: ::::::::::::::::::::::::: =================Exploit====== ============ EXPL0!T...

PenPals Authentication Bypass

Exploit for asp platform in category web applications ============================= PenPals Authentication Bypass ============================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /...

EgO v0.7b (fckeditor) Remote File Upload

Exploit for php platform in category web applications ======================================== EgO v0.7b fckeditor Remote File Upload ======================================== Title: EgO v0.7b fckeditor Remote File Upload Download: http://sourceforge.net/projects/vairux-ego/ AUTHOR: ITSecTeam Emai...

gitWeb 1.5.2 - Remote Command Execution

gitWeb 1.5.2 - Remote Command Execution Exploit Title: gitWeb remote command execution Date: 2009.06.19 Author: S2 Crew Hungary Software Link: - Version: GIT 1.5.2 Tested on: debian linux, GIT 1.5.2 CVE: CVE-2008-5516 - CVE-2008-5517 Code: The cgi script doesn't show the command output blind...

Read Excel Script v1.1 Shell Upload Vulnerability

Exploit for unknown platform in category web applications ================================================= Read Excel Script v1.1 Shell Upload Vulnerability ================================================= ======================================= Script : Read Excel v1.1 Shell Upload Vendor :...

Simplicity oF Upload (1.3.2) Remote File Upload Vulnerability

No description provided by source. Exploit Title: Simplicity oF Upload 1.3.2 Remote File Upload Vulnerability Date: 20-12-2009 Author: Master Mind Software Link: http://www.phpsimplicity.com/scripts.php?id=3 Version: 1.3.2 CVE : N/A Tested on: Windows 2003 Server...

Cyrus IMAPd buffer overflow vulnerability

Overview The Cyrus IMAP server contains a vulnerability that may allow an authenticated attacker to execute code. Description The Cyrus IMAP mail server supports the SIEVE mail filtering language. Cyrus IMAP versions 2.2 through 2.3.14 contain a buffer overflow vulnerability that may be triggered...

CVE-2009-2632

Buffer overflow in the SIEVE script component sieve/script.c, as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...

Auction RSS Content Script 3.0 XSS

/ | | \ \ / / | | \ \ / / | |\ \ /\ / / | | | | | | \ V /| | | \ V V / | | || | || / ||| // ,|, | |/ | | | |/ / | ' \ | | / | | | | | | | |||,|| || || Auction RSS Content Script V3.0 Remote XSS Vulnerabilities Discovered By : Moudi Contact : Download : http://www.jce-tech.com/auction.php...

Shorty 0.7.1b Insecure Cookie

Vulnerable Software -------------------------------------------------------------------------------- Script: Shorty v0.7.1 Beta maybe other versions URL:http://get-shorty.com/ Download:http://get-shorty.com/beta?force=download Google dork: intitle:"Shorty Beta" Bug...

Infinity 2.0.5 - Arbitrary Create Admin

?php printr' || || | || o,7 || . o7 || q||| o///, : / / . /QQQQQQQQQQQQQQQQQQQ\ q Infinity = 2.0.5 Create Admin /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ q POST 3 /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ q Owned : |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr...

TalkBack 2.3.14 Execution / Local File Inclusion

JIKO No-exploit.Com Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip Script : talkback V 2.3.14 Dork:inurl:test.php Powered by TalkBack -------------------------------------------- Edit Comment + talkback/comments.php?edit=1&editid=2& Command +...

DB Top Sites 1.0 - Remote Command Execution

DB Top Sites 1.0 - Remote Command Execution ?php / ------------------------------------------------------------ + About DB Top Sites v1.0 Remote Command Execution Exploit Script homepage : http://www.jnmsolutions.co.uk/topsites/ Author : SirGod Thanks to : Nytro Website : www.mortal-team.org...

PHP Article Publisher - Remote Change Admin Password

=-=-remote change password and add admin xpl-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-= script:phparticlepublisher ------------------------------------------------- Author: ahmadbady my site :Coming Soon =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= download...

CVE-2009-1652

admin/adminaddeditdetails.php in Business Community Script does not properly restrict access, which allows remote attackers to gain privileges and add administrators via a direct request...

Apache Tiles Multiple XSS Vulnerability

This host has Apache Tiles installed and is prone to Cross-Site Script Vulnerability OpenVAS Vulnerability Test $Id: secpodapachetilesxssvuln.nasl 8695 2018-02-06 16:42:37Z cfischer $ Apache Tiles Multiple XSS Vulnerability Authors: Sujit Ghosal Copyright: Copyright c 2009 SecPod,...

Job2C 4.2 - 'adtype' Local File Inclusion

Job2C version 4.2 adtype MulTiple LFi Script: http://www.w2b.ru/download/Job2C.zip ---------------------------------------------------------- Discovered By: ZoRLu Date: 15.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com contact: [email protected] N0T: Herkes Hecker Olmu...

CVE-2008-6683

Cross-site scripting XSS vulnerability in listtest.php in Apartment Search Script allows remote attackers to inject arbitrary web script or HTML via the r parameter...