Phpwiki Ploticus Remote Code Execution

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Phpwiki Ploticus Remote Code...

Rejetto HTTP File Server (HFS) 2.3.x - Remote Command Execution (1)

Rejetto HTTP File Server HFS 2.3.x - Remote Command Execution 1 Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...

HttpFileServer 2.3.x Remote Command Execution

Affected software: http://sourceforge.net/projects/hfs/ Version : 2.3x Exploit Title: HttpFileServer 2.3.x Remote Command Execution Google Dork: intext:"httpfileserver 2.3" Date: 11-09-2014 Remote: Yes Exploit Author: Daniele Linguaglossa Vendor Homepage: http://rejetto.com/ Software Link:...

PHP Stock Management System 1.02 - Multiple Persistent Cross Site Scripting Vulnerabilities

Exploit for php platform in category web applications ​ Exploit Title: Multiple Persistent Cross Site Scripting Vulnerabilities in PHP Stock Management System 1.02 Date: 25 Aug 2014 Exploit Author: ​Ragha Deepthi K R Vendor Homepage: ​http://www.posnic.com/​ Software Link:​...

DirPHP 1.0 - LFI Vulnerability

No description provided by source. !/usr/bin/env python -- coding:utf-8 -- from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class TestPOCPOCBase: vulID = '87159' version = '1' vulDate = '1406390400' createDate = '1442937600' references =...

DjVuLibre <= 3.5.25.3 - Out of Bounds Access Violation

No description provided by source. from shutil import copyfile import sys """ Exploit Title: DjVuLibre = 3.5.25 Out of Bounds Access Violation Date: 07/14/24 Exploit Author: drone @dronesec Vendor: http://djvu.sourceforge.net/ Software link:...

DjVuLibre 3.5.25.3 - Out of Bounds Access Violation

from shutil import copyfile import sys """ Exploit Title: DjVuLibre .text:004D3BC5 mov eax, eax+ecx4 .text:004D3BC8 test eax, eax .text:004D3BCA jnz short loc We overwrite 4 bytes in an FG44 chunk header with \xff\xff\xff\xff: 46 47 34 34 00 00 04 6E 00 64 01 02 FF FF FF FF 80 FF...

DjVuLibre 3.5.25.3 - Out of Bounds Access Violation

DjVuLibre 3.5.25.3 - Out of Bounds Access Violation from shutil import copyfile import sys """ Exploit Title: DjVuLibre .text:004D3BC5 mov eax, eax+ecx4 .text:004D3BC8 test eax, eax .text:004D3BCA jnz short loc We overwrite 4 bytes in an FG44 chunk header with \xff\xff\xff\xff: 46 47 34 34 00 00 ...

OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection Vulnerabilities

OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities. OL-Commerce v2.1.1 - Multiple Vulnerabilties =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : email protected , email protected .:...

Time and Expense Management System Multiple Vulnerabilities

No description provided by source. ------------------------------------------------------------------------ Software................Time and Expense Management System Vulnerability...........Command Injection Threat Level............Very Critical 5/5...

NewLife Blogger <= 3.0 Insecure Cookie Handling / SQL Injection Vuln

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= NewLife Blogger = v3.0 / Insecure Cookie Handling & SQL Injection Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: NewLife...

ftp admin 0.1.0 (lfi/xss/ab) Multiple Vulnerabilities

No description provided by source. FTP Admin v0.1.0 - MULTIPLE VULNERABILITIES by Omni 1 Infos --------- Date : 2007-11-28 Product : FTP Admin Version : v0.1.0 Vendor : http://sourceforge.net/projects/ftpadmin/ Vendor Status : 2007-11-30 Informed! Description : FTP admin is a web-based user...

Audacity <= 1.2 (.gro File) Universal BOF Exploit (egg hunter)

No description provided by source. !/usr/bin/env python Audacity = 1.2 .gro universal buffer overflow exploit Author: mrme Download: http://audacity.sourceforge.net/download/ Tested on Wind0ws XP sp3 & Vist@ Greetz fly to Muts and the offensive-security team also to my wonderful partner Vanessa F...

KISGB <= (tmp_theme) 5.1.1 - Local File Inclusion Vulnerability

No description provided by source. !/usr/bin/env python -- coding:utf-8 -- from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class TestPOCPOCBase: vulID = '65284' version = '1' vulDate = '1206806400' createDate = '1442937600' references =...

php weather 2.2.2 (lfi/xss) Multiple Vulnerabilities

No description provided by source. Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . /output/pwtext$language.php; xpl:...

AdaptCMS_Lite_1.5 2009-07-07

No description provided by source. =========================================================================== Topic : AdaptCMSLite1.5 2009-07-07 Bug type : change admin user,passwd & add new admin user exploit Download :...

Ciamos CMS <= 0.9.6b (config.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl use LWP::UserAgent; ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+...

Yerba SACphp <= 6.3 (mod) Local File Inclusion Exploit

No description provided by source. ! /usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Yerba SACphp = 6.3 / Local File Inclusion Exploit -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Program: Yerba SACphp Version: = 6.3 File affected: index.php Download:...

FirmWorX 0.1.2 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. DeltaSecurityTEAM WwW.DeltaSecurity.iR Portal Name = FirmWorX 0.1.2 Class = Remote File Inclusion Risk = High Remote File Execution Download = http://firmworx.sourceforge.net Discoverd By = DeltahackingTEAM User In Delta Team = Dav00dCracker Conatact =...

Vikingboard <= 0.2 Beta (task) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl Vikingboard = 0.2 Beta Local File Inclusion Vulnerability Script: Vikingboard is a PHP-based discussi...