Family CMS 2.7.2 - Multiple Persistent Cross-Site Scripting Vulnerabilities

FCMS2.7.2 cms and earlier multiple stored XSS Vulnerability =================================================================================== Exploit Title: FCMS2.7.2 cms multiple stored XSS Vulnerability Download link...

Traq 'authenticate()'函数远程代码执行漏洞

Bugtraq ID: 50961 Traq是一款基于PHP/MySQL的项目管理软件 定义在/admincp/common.php中的authenticate函数存在错误： 27. function authenticate 28. 29. global $user; 30. 31. if!$user-group'isadmin' 32. header"Location: login.php"; 33...

Family Connections 'argv[1]' Parameter Remote Arbitrary Command Execution Vulnerability

Family Connections is prone to a remote arbitrary command- execution vulnerability because it fails to properly validate user-supplied input. An attacker can exploit this issue to execute arbitrary commands within the context of the vulnerable application. OpenVAS Vulnerability Test $Id:...

Freelancer calendar <= 1.01 SQL Injection Vulnerability

Dear all, I have found multiple a SQL injection vulnerability in Freelancer calendar = 1.01. It seems to be version 1.01 as you can see in the 'Files' section of the Sourceforge page. I reported the vulnerability to the vendor but no response as stated in the advisory. Best, muuratsalo -- ADVISOR...

Valid tiny-erp <= 1.6 SQL Injection Vulnerability

Dear all, I have found a SQL injection vulnerability in Valid tiny-erp = 1.6. It seems to be version 1.6 as you can see in the 'project' section of www.valid.gr. Anyway there is not any specific number version in the sourceforge page. I reported the vulnerability to the vendor but no response as...

Valid Tiny-Erp 1.6 SQL Injection

------------------------------------------------------------------------ Valid tiny-erp = 1.6 SQL Injection Vulnerability ------------------------------------------------------------------------ author............: muuratsalo Revshell.com contact...........: muuratsaloatgmaildotcom...

Freelancer calendar <= 1.01 SQL Injection Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ Freelancer calendar = 1.01 SQL Injection Vulnerability ------------------------------------------------------------------------ author............: muuratsalo Revshell.co...

phpLDAPadmin &lt;= 1.2.1.1 &#40;query_engine&#41; Remote PHP Code Injection Exploit

phpLDAPadmin = 1.2.1.1 queryengine Remote PHP Code Injection Exploit author...............: EgiX mail.................: n0b0d13satgmaildotcom software link........: http://phpldapadmin.sourceforge.net/ affected versions....: from 1.2.0 to 1.2.1.1 - vulnerable code in /lib/functions.php 1002...

jara 1.6 sql injection vulnerability

jara 1.6 sql injection vulnerability download http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/jara/view.php?id=SQL Injection...

Jara 1.6 - Multiple Vulnerabilities

!/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested : My Mind :...

Jara v1.6 Multiple Vulnerabilities

Exploit for php platform in category web applications !/Mohammed/bin/YahYa Jara v1.6 Multiple Vulnerabilities -------------------------------------------+ download : http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip AutHOr : Or4nG.M4n cOntAct : priv8teathotmail.com versiOn : v1.6 Tested...

Jara 1.6 SQL Injection

jara 1.6 sql injection vulnerability download http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/jara/view.php?id=SQL Injection...

Jara 1.6 - SQL Injection

jara 1.6 sql injection vulnerability download http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/jara/view.php?id=SQL Injection...

SportsPHool 1.0 - Remote File Inclusion

" ."target:" ."evil:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$evil, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while !feof $file $line .= fgets $file, 1024.""; $tpos1 =...

SportsPHool 1.0 - Remote File Inclusion

SportsPHool 1.0 - Remote File Inclusion " ."target:" ."evil:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$evil, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while !feof $file $lin...

CMS mini 0.2.2 - Local File Inclusion

Exploit Title: CMSmini 0.2.2 Local File Inclusion Date: 2011.10.20 Author: I2Sec5-BSK Software Link: http://sourceforge.net/projects/cmsmini/ Version: CMSmini 0.2.2 Tested on: Windows XP -------------------------------------------------- /admin/edit.php 30 $name = $GET'name'; 73 $filename =...

jara 1.6 sql injection vulnerability

Exploit for php platform in category web applications jara 1.6 sql injection vulnerability download http://sourceforge.net/projects/jara/files/v1.6/jarav16.zip author muuratsalo contact muuratsaloatgmail.com exploit http://localhost/jara/view.php?id=SQL Injection 0day.today 2018-01-03...

CMSmini 0.2.2 Local File Inclusion

Exploit Title: CMSmini 0.2.2 Local File Inclusion Date: 2011.10.20 Author: I2Sec5-BSK Software Link: http://sourceforge.net/projects/cmsmini/ Version: CMSmini 0.2.2 Tested on: Windows XP -------------------------------------------------- /admin/edit.php 30 $name = $GET'name'; 73 $filename =...

CMS mini 0.2.2 - Local File Inclusion

CMS mini 0.2.2 - Local File Inclusion Exploit Title: CMSmini 0.2.2 Local File Inclusion Date: 2011.10.20 Author: I2Sec5-BSK Software Link: http://sourceforge.net/projects/cmsmini/ Version: CMSmini 0.2.2 Tested on: Windows XP -------------------------------------------------- /admin/edit.php 30...

Sports PHool <= 1.0 Remote File Include Exploit

Exploit for php platform in category web applications " ."target:" ."evil:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$evil, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while...