OpenClinic GA (Update B)

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available Vendor: OpenClinic GA is a product of open-source collaboration on Source Forge Equipment: OpenClinic GA Vulnerabilities: Authentication Bypass Using an Alternate Path or...

phpWebAdmin 1.0 SQL Injection Vulnerability

phpWebAdmin version 1.0 suffers from a remote SQL injection vulnerability. !/usr/bin/perl -w phpWebAdmin Version 1.0 SQL Injection Proof Of Concept Exploit =============================================================== Discovered by NA , NAattutanota.com ========================================...

Tiny Server <= 1.1.9 HTTP HEAD DoS

No description provided by source. !/usr/bin/python Overflow exploiting a vulnerability in Tiny Server =1.1.9 HTTP HEAD request. Date of Discovery: 3/19/2012 0 Day Author: Brock Haun Vulnerable Software Download: http://tinyserver.sourceforge.net/tinyserverfull.zip Software Version: =1.1.9 Target...

[MobiSec] Mobile Security Testing Live Environment

The MobiSec Live Environment Mobile Testing open source project is a live environment for testing mobile environments, including devices, applications, and supporting infrastructure. The purpose is to provide attackers and defenders the ability to test their mobile environments to identify design...

MBB CMS 004 Local File Inclusion / SQL Injection

MBB CMS = 004 LFI/SQLi Multiple Vulnerability By cr4wl3r http://bastardlabs.info Script http://sourceforge.net/projects/phpmbbcms/ Tested : Windows / Linux Dork : N/A LFI MBBCMS/index.php ....... 22 ifisset$GET'mod' 23 $a=$GET'mod'; 24 switch$a 25 case $a: 26 iffileexists"modul/$a/$a.php" 27...

FunGamez - Arbitrary File Upload

FunGamez - Arbitrary File Upload FunGamez Remote File Upload Vulnerability Brought to you by cr4wl3r http://bastardlabs.info Software Link: http://sourceforge.net/projects/fg-gsm/?source=dlp ----------------------------------------------- Source FunGamez/admin/modules/game.php .......... 135 And...

OpenDocMan 1.2.5 - Cross-Site Scripting / SQL Injection

Security Advisory : Multiple vulnerabilities in OpenDocMan Discovered by == Amol Naik amolnaik4atgmail.com Overview -------------- OpenDocMan is a free document management system DMS designed to comply with ISO 17025 and OIE standard for document management. It features web based access, fine...

Phoenix View CMS Pre Alpha2 - SQL Injection / Local File Inclusion / Cross-Site Scripting

Phoenix View CMS = Pre Alpha2 Multiple Vulnerabilities LFISQLIXSS Found by : tw8 Date : 8.05.2008 Website && Forum : http://rstzone.org && http://rstzone.org/forum/ Bug type : LFI, SQLI & XSS Affected software description: Application : Phoenix View CMS Version : = Pre Alpha2 Vendor :...

cb075-rfi.txt

Content Builder 0.7.5 RFI Bug Script Home Page : http://www.content-builder.de/ Source Forge Script Link : http://sourceforge.net/projects/content-builder/ Script Download URL : http://www.content-builder.de/modules/download/download.php?id=821 The Content Builder is a powerful German...