6 matches found
EUVD-2005-2479
Malware in sbrugna...
SilverNews 2.04 Local File Inclusion
!/usr/bin/perl -w SilverNews 2.04 Local File Inclusion Exploit Script: http://www.silver-scripts.de Vuln C0de: require "admin/header.php"; if fileexists'admin/'.$GET'section'.".php" require 'admin/'.$GET'section'.'.php'; ---LFI by d3b4g Follow me on twitter.www.twitter.com/schaba From Tiny Little...
SilverNews 2.04 - Authentication Bypass Local File Inclusion Remote Code Execution
SilverNews 2.04 - Authentication Bypass Local File Inclusion Remote Code Execution 0x01 Informations: Name : SilverNews 2.04 Download : http://www.silver-scripts.de/scripts.php?script=SilverNews&l=en Vulnerability : Auth Bypass\LFI\RCE Author : x0r Contact : [email protected] Notes : Proud to ...
SilverNews 2.04 Bypass / LFI / Code Execution
0x01 Informations: Name : SilverNews 2.04 Download : http://www.silver-scripts.de/scripts.php?script=SilverNews&l=en Vulnerability : Auth Bypass\LFI\RCE Author : x0r Contact : [email protected] Notes : Proud to be Italian 0x02 Bug: Bugged file is /path/admin.php Code // Get the user informatio...
SilverNews 2.04 (Auth Bypass/LFI/RCE) Multiple Vulnerabilities
Exploit for unknown platform in category web applications ============================================================== SilverNews 2.04 Auth Bypass/LFI/RCE Multiple Vulnerabilities ============================================================== 0x01 Informations: Name : SilverNews 2.04 Download :...
SilverNews < 2.0.4 Multiple Vulnerabilities
The remote host is running SilverNews, a free news script written in PHP. The version of SilverNews installed on the remote host suffers from several flaws : - SQL Injection Vulnerability The application does not sanitize user-supplied input to the 'username' parameter of the 'admin.php' script...