UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability

Exploit for unknown platform in category web applications ================================================= UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability ================================================= ======================================================================================== ...

UGiA PHP UPLOADER 0.2 - Arbitrary File Upload

UGiA PHP UPLOADER 0.2 - Arbitrary File Upload ======================================================================================== | Title : UGiA PHP UPLOADER V0.2 Shell Upload Vulnerability | Author : indoushka | email : [email protected] | Home : www.iq-ty.com/vb | Script Home :...

Open Media Collectors Database Multiple Local File Include Vulnerabilities

Open Media Collectors Database OpenDb is prone to multiple local file- include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary local scripts in the context of...

MoME CMS 0.8.5 SQL Injection

'/ -.- --------------------oOO------OOo------------------- | MoME CMS ! Download: http://sourceforge.net/projects/mome/files/ ! Date: 16.01.2010 ! Remote: yes ! Code : //controllo user e passwd da login ifisset$POST'postedusername' && isset$POST'postedpassword' $query="SELECT FROM users WHERE...

RoseOnlineCMS 3 B1 - Remote Authentication Bypass

RoseOnlineCMS 3 B1 - Remote Authentication Bypass '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS ! Download: http://sourceforge.net/projects/rosecms/files/ ! Date: 16.01.2010 ! Remote: yes ! Code : " method="post" Username: Password: ?php ifisset$POST'submit' //...

LetoDMS Local File Inclusion / Cross Site Request Forgery

SEC Consult Security Advisory ======================================================================== title: Local file inclusion/execution and multiple Cross-Site-Request-Forgery vulnerabilities in LetoDMS formerly MyDMS products: LetoDMS formerly MyDMS vulnerable version: LetoDMS formerly MyDM...

CiviCRM 3.1 < Beta 5 - Multiple Cross-Site Scripting Vulnerabilities

Author: h00die [email protected] & Ch3nz [email protected] Software Link: http://sourceforge.net/projects/civicrm/files/civicrm-latest/3.1.beta1/civicrm-3.1.beta1-standalone.tar.gz/download Version: and from being in the same input box. In several cases it is possible to use multiple input boxes th...

ProfitCode Shopping Cart Local File Inclusion / Remote File Inclusion

Exploit Title: ProfitCode Shopping Cart Multi Vulnerability LFI/RFI Date: 2010-01-09 Author: Zer0 Thunder Site : http://www.profitcode.net/ - http://profbiz-cart.sourceforge.net/ Software Link: http://sourceforge.net/project/platformdownload.php?groupid=258424 Tested on: Windows XP sp2 WampServer...

AWCM 2.1 Backup Vulnerability

Subject:AWCM Date: 6/1/21010 Author: alnjm33 version:2.1 Tested on: version:2.1 download: http://awcm.sourceforge.net/ar/downpro.php?id=30 Home:sec-war.com :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::exploit::::::::::::::::::::::::::::::::::::::::::::::::::::::::::...

AutoIndex PHP Script (index.php) Directory Traversal Vulnerability

Exploit for unknown platform in category web applications ================================================================== AutoIndex PHP Script index.php Directory Traversal Vulnerability ================================================================== ? Script: AutoIndex PHP Script ? Languag...

AWCM - Database Disclosure

AWCM - Database Disclosure Subject:AWCM Date: 6/1/21010 Author: alnjm33 version:2.1 Tested on: version:2.1 download: http://awcm.sourceforge.net/ar/ Home:sec-war.com :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::exploit::::::::::::::::::::::::::::::::::::::::::::::::::::::::::...

LightOpenCMS 0.1 - smarty.php Remote File Inclusion

LightOpenCMS 0.1 - smarty.php Remote File Inclusion Exploit Title: LightOpen CMS Remote File Inclusion smarty.php Date: 2010-01-05 Author: Zer0 Thunder Software Link: http://sourceforge.net/projects/lightopencms/ Version: v0.1 Tested on: Windows XP sp2 Wamp CVE : Code : Exploit :...

LightOpenCMS 0.1 - 'smarty.php' Remote File Inclusion

Exploit Title: LightOpen CMS Remote File Inclusion smarty.php Date: 2010-01-05 Author: Zer0 Thunder Software Link: http://sourceforge.net/projects/lightopencms/ Version: v0.1 Tested on: Windows XP sp2 Wamp CVE : Code : Exploit : http://site.com/path/smarty.php?cwd=shell.txt?%00 Example :...

LightOpen CMS Remote File Inclusion (smarty.php)

Exploit for unknown platform in category web applications ================================================ LightOpen CMS Remote File Inclusion smarty.php ================================================ Exploit Title: LightOpen CMS Remote File Inclusion smarty.php Date: 2010-01-05 Author: Zer0...

PHP-Addressbook 3.1.5 SQL Injection

@ php-addressbook v3.1.5edit.php SQL Injection Vulnerability @ Author: Hussin X @ Home : www.iq-ty.com, @ email: darkangelg85atYahoodotcom @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ script : http://sourceforge.net/project/showfiles.php?groupid=157964 @ DorK : php-addressbook v3.1...

php-addressbook v3.1.5(edit.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================ php-addressbook v3.1.5edit.php SQL Injection Vulnerability ============================================================ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ...

Cybershade CMS 0.2 Remote File Inclusion

Author: Author: Mr.SeCreT E-mail: [email protected] From: Syria Script Information: Script: Cybershade CMS 0.2 Remote File Inclusion Vulnerability Language: PHP Download: http://sourceforge.net/projects/cybershadecms/files/cybershadecms/0.2b-DEV/cybershade0.2b-DEV.zip/download Vul Code: core.php:...

RoseOnlineCMS <= 3 B1 (admin) Local File Inclusion

No description provided by source. '/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS = 3 B1 admin Local File Inclusion | | works only with magicquotesgpc = off | ------------------------------------------------------ ! Discovered: cr4wl3r cr4wl3r!linuxmail.org ! Download:...

Stash 1.0.3 Cross Site Scripting

Author: Author: Mr.SeCreT E-mail: [email protected] From: Syria http://english.islamweb.net/ Script Information: Script: Stash 1.0.3 Remote XSS Vulnerability Language: PHP Download: http://garr.dl.sourceforge.net/project/nice-stash/Stash%20CMS/1.0.3/stash-1.0.3.zip Vul Code: footer.inc.php: "My In...

RoseOnlineCMS 3 B1 - 'admin' Local File Inclusion

'/ -.- --------------------oOO------OOo------------------- | RoseOnlineCMS ! Download: http://sourceforge.net/projects/rosecms/files/ ! Date: 30.12.2009 ! Remote: yes ! Code : Click here to go back home'; obendflush; ? ! PoC: RoseOnlineCMSpath/modules/admincp.php?admin=LFI%00...