PHPWebGallery 1.3.4 - Cross-Site Scripting / Local File Inclusion

---------------------------------------------------------------- Script : PhpWebGallery 1.3.4 Type : Multiple Vulnerabilities XSS/LFI Rist : High Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4" ---------------------------------------------------------------- Download From ...

Sports Clubs Web Panel 0.0.1 (p) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications =================================================================== Sports Clubs Web Panel 0.0.1 p Local File Inclusion Vulnerability ===================================================================...

nooms-xss.txt

---------------------------------------------------------------- Script : Nooms 1.1 Type : Multiple Vulnerabilities Cross Site Scripting/Redirect/Mysql Brute Force Local Access Risk : Medium ---------------------------------------------------------------- Download From :...

phpwebgallery-xsslfi.txt

---------------------------------------------------------------- Script : PhpWebGallery 1.3.4 Type : Multiple Vulnerabilities XSS/LFI Rist : High Google Dork : inurl:"picture.php?cat=" "Powered by PhpWebGallery 1.3.4" ---------------------------------------------------------------- Download From ...

Stash 1.0.3 Multiple SQL Injection Vulnerabilities

No description provided by source. Stash v1.0.3 Admin bypass / Remote File Disclosure AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...

myPHPNuke 'printfeature.php' SQL注入漏洞

BUGTRAQ ID: 30959 CNCAN ID：CNCAN-2008090304 myPHPNuke是一款基于PHP的WEB应用程序。 myPHPNuke不正确处理用户提交的输入，远程攻击者可以利用漏洞进行SQL注入攻击，可能获得敏感信息或操作数据库。 问题由于'printfeature.php'脚本对用户提交给'artid'参数缺少过滤，构建恶意SQL查询作为参数数据，可更改原来的SQL逻辑，获得敏感信息或操作数据库。 poc http://example.com/printfeature.php?artid=-1 union select...

Stash 1.0.3 - Multiple SQL Injections

Stash 1.0.3 - Multiple SQL Injections Stash v1.0.3 Admin bypass / Remote File Disclosure AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...

Stash 1.0.3 - Multiple SQL Injections

Stash v1.0.3 Admin bypass / Remote File Disclosure AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...

stash-bypass.txt

Stash v1.0.3 Admin bypass / Remote File Disclosure AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...

Devalcms 1.4a - Cross-Site Scripting / Remote Code Execution

!/usr/bin/python devalcms v1.4a Remote Code Execution Exploit / Xss AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...

Devalcms 1.4a - Cross-Site Scripting Remote Code Execution

Devalcms 1.4a - Cross-Site Scripting Remote Code Execution !/usr/bin/python devalcms v1.4a Remote Code Execution Exploit / Xss AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina...

FreeBSD Ports: smbftpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: phpmyadmin, phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. VID 6192ae3d-9595-11d9-a9e0-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: leafnode

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

webid054-sql.txt

Application :: WeBid v0.5.4 sql injection vuln Download :: http://www.sourceforge.net/projects/simpleauction Found By ::Stack http://www.site.il/item.php?id=-1//UNION//SELECT//1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32/...

Brim 2.0.0 (SQL/XSS) Multiple Remote Vulnerabilities

No description provided by source. || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ /'\ \ /\ \ \ \ /'\ \ | | \ \ /\ /\ \ \ \ /...

WeBid 0.5.4 - 'item.php' SQL Injection

Application :: WeBid v0.5.4 sql injection vuln Download :: http://www.sourceforge.net/projects/simpleauction Found By ::Stack http://www.site.il/item.php?id=-1//UNION//SELECT//1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32/ milw0rm.com 2008-09-01...

brim-sqlxss.txt

|| || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

Brim 2.0.0 - SQL Injection Cross-Site Scripting

Brim 2.0.0 - SQL Injection Cross-Site Scripting || || | || o,7 || . o7 || 4||| ow, : / / . |-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=| | | | /' \ /'\ /\ \ /'\ /\ \ | | /, \ /\/\L\ \ \ \ ,/\ /\ \ \ \ / | | //\ \ /' \ /\ //\ Kings of injection | | // | | |...

NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection

NewsHOWLER 1.03 Beta Cookie Handling Via Sql injection AUTHOR : IRCRASH R3d.W0rm Sina Yazdanmehr Discovered by : IRCRASH R3d.W0rm Sina Yazdanmehr Our Site : Http://IRCRASH.COM IRCRASH Team Members : Dr.Crash - R3d.w0rm Sina Yazdanmehr Download :...