MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================ MODx CMS 0.9.6.1 Multiple Remote Vulnerabilities ================================================ AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com...

MODx CMS 0.9.6.1 - Multiple Vulnerabilities

MODx CMS 0.9.6.1 - Multiple Vulnerabilities WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with...

MODx CMS 0.9.6.1 - Multiple Vulnerabilities

WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: quote...

modxcms-lfi.txt

WwW.BugReport.ir AmnPardaz Security Research Team Title: MODx CMS Vulnerabilities Vendor: http://modxcms.com Bugs: Source code disclosure, local file inclusion Vulnerable Version: 0.9.6.1 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: quote...

MODx 0.9.6.1 - htcmime.php Source Code Information Disclosure

MODx 0.9.6.1 - htcmime.php Source Code Information Disclosure source: https://www.securityfocus.com/bid/27096/info MODx is prone to a vulnerability that allows attackers to access source code because the application fails to properly sanitize user-supplied input. An attacker can exploit this...

Bitweaver source code disclosure, arbitrary file upload

WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: Bitweaver is...

bitweaver-disclose.txt

WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: Bitweaver is...

Bitweaver R2 CMS Remote File Upload / Disclosure Vulnerabilities

No description provided by source. WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix...

Bitweaver R2 CMS - Arbitrary File Upload Disclosure

Bitweaver R2 CMS - Arbitrary File Upload Disclosure WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with...

Bitweaver R2 CMS - Arbitrary File Upload / Disclosure

WwW.BugReport.ir AmnPardaz Security Research Team Title: Bitweaver R2 CMS Vendor: http://www.bitweaver.org Bugs: source code disclosure, arbitrary file upload Vulnerable Version: 2 prior versions also may be affected Exploitation: Remote with browser Fix Available: No! - Description: Bitweaver is...

smbfs and apache+php source code disclosure

Because of different filename handling in Posix and Windows there is an issue with resolving filenames with a backslash "" character appended on a windows share. Consider you have a windows share mounted on a linux box with a php script on it - let's say info.php. Executing find info.php and find...

CVE-2007-6314

BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a 1 + plus, 2 . dot, or 3 %80 and similar characters to the file name in the URL...

CVE-2007-6314

BarracudaDrive Web Server before 3.8 allows remote attackers to read the source code for web scripts by appending a 1 + plus, 2 . dot, or 3 %80 and similar characters to the file name in the URL...

LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln

No description provided by source. | | |--.-----.| .-----.' |.---.-.----.-----.--| | | | | | -|| -- | -| || | | -| | || |||||/||| |.||||...

LiteSpeed Web Server <= 3.2.3 Remote Source Code Disclosure Vuln

Exploit for multiple platform in category remote exploits ================================================================ LiteSpeed Web Server = 3.2.3 Remote Source Code Disclosure Vuln ================================================================ | | |--.-----.| .-----.'...

Litespeed Web Server 3.2.3 - Source Code Disclosure

Litespeed Web Server 3.2.3 - Source Code Disclosure | | |--.-----.| .-----.' |.---.-.----.-----.--| | | | | | -|| -- | -| || | | -| | || |||||/||| |.|||| TheDefaced.org TheDefaced Security Team Presents An 0-day. LiteSpeed Remote Mime Type Injection Discovered by:Tr3mbl3r Shouts to his kitty kats...

Design/Logic Flaw

StaticFileHandler.cs in System.Web in Mono before 1.2.5.2, when running on Windows, allows remote attackers to obtain source code of sensitive files via a request containing a trailing 1 space or 2 dot, which is not properly handled by XSP...

SHTTPD V1.38 server source code disclosure

SHTTPD V1.38 server source code disclosure ------------------------------------ link:http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files...

MyServer-0.8.9 - source code disclosure

The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. Found By:Shay Priel aka Prili site: http://www.myserverproject.net/ poc: ---- http://localhost/cgi-bin/post.mscgI I -...

PHP 4.4.6 cpdf_open() Local Source Code Discslosure PoC

Exploit for multiple platform in category local exploits ======================================================= PHP 4.4.6 cpdfopen Local Source Code Discslosure PoC ======================================================= ?php / PHP 4.4.6 cpdfopen source code disclosure poc by rgod site:...