3100 matches found
b2evolution 4.1.6 - Multiple Vulnerabilities
No description provided by source...
Kayako eSupport 3.04.10 - XSS/CSRF Vulnerabilities
+ Exploit Title : kayako xss/xsrf Remote Vulnerabilities + Author : By D3V!L FUCKER + Script Link : http://www.kayako.com/solutions/esupport/ + Version : Kayako eSupport v3.04.10 + Tested on : linux ubuntu 9.10 + Code : +++++++++++++++++++++++++...
Invision Gallery 2.0.7 Index.PHP IMG Parameter SQL Injection Vulnerability
source: http://www.securityfocus.com/bid/21388/info Invision Gallery is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker t...
doorGets CMS - CSRF Vulnerability
Title: Doorgets CSRF Vulnerability Author: n0pe Software Link: http://www.doorgets.com/ Download: http://www.doorgets.com/?sourcescms Tested: BackBox Linux 3 With this vulnerability you can change the configuration of the site. Proof of concept: html body form...
Kolibri+ Webserver 2 - (GET Request) Remote SEH Overwrite Exploit
#!/usr/bin/python Could not get this to work on XP SP3. php5ts.dll is the only module with safe seh off but could not get the pop pop ret to work correctly despite the large number of usable addresses that were tested. $ ./kolibri.py 192.168.1.146 8080 Kolibri+...
ezcms <= 1.2 (bsql/admin byapss) Multiple Vulnerabilities
EZCMS <= 1.2 Multiple Remote Vulnerabilities Discovered By: t0pP8uZz Discovered On: 19 M...
FaName 1.0 index.php Multiple Parameter XSS
source: http://www.securityfocus.com/bid/30019/info FaName is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser ...
Net Clubs Pro 4.0 imessage.cgi username Parameter XSS
source: http://www.securityfocus.com/bid/17622/info Net Clubs Pro is prone to multiple cross-site scripting vulnerabilities. These issues are due to the application's failure to properly sanitize user-supplied input. An attacker may leverage these issues to have...
Horde <= 3.3.5 Administration Interface admin/cmdshell.php PATH_INFO Parameter XSS
source: http://www.securityfocus.com/bid/37351/info Horde Framework is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser...
Pixel8 Web Photo Album 3.0 - Remote SQL Injection Vulnerability
Found By : AlpHaNiX website : www.nullarea.net contact : AlpHaATHACKERDOTBZ script : Pixel8 Web Photo Album v3.0 download : null Demo : http://www.jayeshp.com/Pixel8/Files/Demo.asp Exploit...
RuubikCMS 1.0.3 - Multiple Vulnerabilities
No description provided by source...
AIOCP 1.3.x cp_forum_view.php Multiple Parameter XSS
No description provided by source...
D.R. Software Audio Converter 8.1 - DEP Bypass Exploit
No description provided by source...
33 bytes unlink "/etc/shadow" x86 linux shellcode
/ Name : 33 bytes unlink /etc/shadow x86 linux shellcode Date : Wed Jun 2 18:01:44 2010 Author : gunslinger yudha.gunslingeratgmail.com Web : http://devilzc0de.org blog : http://gunslingerc0de.wordpress.com tested on : linux debian / include stdio.h char...
Disk Pulse Server 2.2.34 - Remote Buffer Overflow Exploit
#!/usr/bin/python Exploit Title: Disk Pulse Server v2.2.34 Remote Buffer Overflow Exploit Date: 10/11/2010 Author: xsploited security URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at gmail.com Software Link:...
NovaPlayer 1.0 (.mp3) Local Denial of Service (DoS)
#!/usr/bin/perl print qq NovaPlayer 1.0 .mp3 Local Denial of Service DoS by Mr.tro0oqy ; author: Mr.tro0oqy email : [email protected] greetz : Red-D3v1L , virushima , Stack system color e; my $bb=tro0oqy.mp3; my $fk=\x41 x 10000; open...
Bloo <= 1.00 Multiple Remote SQL Injection Vulnerabilities
No description provided by source...
Havalite CMS 1.1.7 - Unrestricted File Upload Exploit
?php / .. CWH Underground Hacking Team .. Exploit Title : Havalite CMS...
Safari 4.0.3 & 4.0.4 Stack Exhaustion
script //Written by: Fredrik Nordberg Almroth //URL: http://h.ackack.net/ //Affected: Safari 4.0.3 & 4.0.4 - Other versions might be vulnerable as well. a=scriptvar b=\iframe src='javascript:window.location=\boom'/iframe;while1b=b+b;document.writeb;/scr+ipt;...
Pyrophobia 2.1.3.1 admin/index.php Multiple Parameter Traversal Arbitrary File Access
source: http://www.securityfocus.com/bid/22667/info Pyrophobia is prone to multiple input-validation vulnerabilities, including multiple local file-include issues and multiple cross-site scripting issues. An attacker can exploit these issues to steal cookie-base...