BPSwoopo CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: BPSwoopo CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/bpswoopo-penny-auction-script-like-swoopo/27766/ Category:: webapps Demo : http://www.icloudcenter.net/demos/ICPenny/ Greetz: Inj3ct0r...

BlueSoft Auction CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: BlueSoft Auction CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/bluesoft-auction-site-script/31334/ Category:: webapps Demo : http://shopbluesoft.com/demo4/control/login.php Greetz: Inj3ct0r...

BPowerItaliano CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: BPowerItaliano CSRF Author: Jonturk75 Vendor or Software Link: http://www.scripts.com/viewscript/bpoweritaliano-unique-low-bid-auction-italian-ver/27150/ Category:: webapps Demo :...

AV Arcade Pro 5.4.3 Cookie Manipulation

========================================== AV Arcade Pro 5.4.3 By pass Seting Exploit ========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --' ' -'--'---| 1 1 ;...

Ignition 1.3 (comment.php) Local File Inclusion Vulnerability

Exploit for php platform in category web applications Ignition 1.3 ========================================= Greetz: all member | manadocoding.org - sekuritiOnline.net friends: angky.tatoki, EA ngel, bL4Ck3n91n3, 0pa, x0r0n, teamelite, thama, devilbat, cr4wl3r, cyberl0g, lumut-, AntiHack, DskyMC,...

Ignition 1.3 - Remote Code Execution

?php / Ignition 1.3 Remote Code Execution Exploit by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz source of i-options.php 1. ?php 2. sessionstart; 3. if $POST'submit' 4. if $FH = @fopen'data/settings.php', 'w' 5. @fwrite$FH, '?php $pass =...

Ignition 1.3 - 'page.php' Local File Inclusion

Ignition 1.3 page Local File Inclusion Vulnerability disclosed by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz note: 1. Magicquotesgpc should be turned off in order to exploit this vulnerability 2. LFI bugs found by me in previous version 1.2 are still...

Ignition 1.3 Code Execution

?php / Ignition 1.3 Remote Code Execution Exploit by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz source of i-options.php 1. ?php 2. sessionstart; 3. if $POST'submit' 4. if $FH = @fopen'data/settings.php', 'w' 5. @fwrite$FH, '?php $pass =...

Kandidat CMS 1.4.2 - Persistent Cross-Site Scripting

Vulnerability ID: HTB22648 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityinkandidatcms.html Product: Kandidat CMS Vendor: Kan-Studio http://www.kan-studio.ru/ Vulnerable Version: 1.4.2 and probably prior versions Vendor Notification: 19 October 2010 Vulnerability Type: Stored XSS Cro...

Haudenschilt Family Connections CMS (FCMS) Multiple PHP remote file inclusion vulnerabilities

This host is running Haudenschilt Family Connections CMS FCMS and is prone to multiple remote file inclusion vulnerabilities. OpenVAS Vulnerability Test $Id: secpodfcmsmultrfivuln.nasl 5394 2017-02-22 09:22:42Z teissa $ Haudenschilt Family Connections CMS FCMS Multiple PHP remote file inclusion...

fcms 2.2.3 - Remote File Inclusion

fcms 2.2.3 - Remote File Inclusion x Exploit Title: FCMS2.2.3 Remote File Inclusion x Date: 10-9-2010 x Author: LoSt.HaCkEr aDaMTRoJaN x Software Link: http://www.familycms.com/getstarted.php x Version: v 2.2.3 xTested on: Windows XP x CVE : x My E-MaIl:LoSt.HaCkEratHaCkErdotPs xExploit:...

fcms 2.2.3 - Remote File Inclusion

x Exploit Title: FCMS2.2.3 Remote File Inclusion x Date: 10-9-2010 x Author: LoSt.HaCkEr aDaMTRoJaN x Software Link: http://www.familycms.com/getstarted.php x Version: v 2.2.3 xTested on: Windows XP x CVE : x My E-MaIl:LoSt.HaCkEratHaCkErdotPs xExploit:...

SMA-DB 0.3.14 (pfad_z) Local File Inclusion Vulnerability

Exploit for php platform in category web applications ========================================================= SMA-DB 0.3.14 pfadz Local File Inclusion Vulnerability ========================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0...

Ignition 1.2 Multiple Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities ========================================================== Ignition 1.2 Multiple Local File Inclusion Vulnerabilities...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Cacti 0.8.7e allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 graph.php, 2 include/topgraphheader.php, 3 lib/htmlform.php, and 4 lib/timespansettings.php, as demonstrated by the a graphend or b graphstart...

Cross site scripting

Cross-site scripting XSS vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter...

CVE-2009-3911

TFTgallery 0.13 is vulnerable to a cross-site scripting (XSS) flaw in settings.php via the sample parameter, allowing remote injection of script/HTML. OpenVAS notes TFTgallery

CVE-2009-3911

Cross-site scripting XSS vulnerability in settings.php in TFTgallery 0.13 allows remote attackers to inject arbitrary web script or HTML via the sample parameter...

CVE-2009-2432

WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message...

DEBIAN-CVE-2009-2432

WordPress and WordPress MU before 2.8.1 allow remote attackers to obtain sensitive information via a direct request to wp-settings.php, which reveals the installation path in an error message...