2611 matches found
phpMyBackupPro 2.2 - Local File Inclusion
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-07-03 phpMyBackupPro = 2.2 Local File Inclusion Vulnerability Script: "phpMyBackupPro is a very easy to use, free, web-base...
Agora-Project 2.12.11 - Arbitrary File Upload
Exploit Title: agora-project2.12.1112-2011 Remote Shell Upload Google Dork: n0 N0obs Date: 10/06/2012 Exploit Author: Misa3l Vendor Homepage: http://sourceforge.net/projects/agora-project/ Software Link: http://sourceforge.net/projects/agora-project/files/latest/download Version: 2.12.1112-2011...
Pro Clan Manager v0.4.2 (roster.php) Sql Injection Vulnerability
Exploit for php platform in category web applications Pro Clan Manager v0.4.2 roster.php Sql Injection Vulnerability ======================================================================= .:. Author : AtT4CKxT3rR0r1ST email protected .:. Script : http://sourceforge.net/projects/autoweb/ .:. Dork...
PHP Volunteer Management System v 1.0.2 multiple SQLi Vulnerabilities
Exploit for php platform in category web applications Title: PHP Volunteer Management System v 1.0.2 multiple SQLi Vulnerabilities Version: 1.0.2 Author/Found by: loneferret Software Site: https://sourceforge.net/projects/phpvolunteer/ Other vulnerabilities:...
PHP Address Book 7.0.0 - Multiple Vulnerabilities
PHP Address Book 7.0.0 - Multiple Vulnerabilities Advisory: PHP Address Book 7.0.0 Multiple security vulnerabilities Advisory ID: SSCHADV2012-013 Author: Stefan Schurtz Affected Software: Successfully tested on PHP Address Book 7.0.0 Vendor URL: http://sourceforge.net/projects/php-addressbook/...
PHP Agenda 2.2.8 - SQL Injection
PHP Agenda 2.2.8 - SQL Injection Title:Simple PHP Agenda 2.2.8 SQLi Vulnerability Version: php-agenda 2.2.8 Author/Found by: loneferret Manifacturer/Software link: http://sourceforge.net/projects/php-agenda/files/latest/download Other vulnerability: http://www.exploit-db.com/exploits/18694/ Date...
PHP Agenda 2.2.8 - SQL Injection
Title:Simple PHP Agenda 2.2.8 SQLi Vulnerability Version: php-agenda 2.2.8 Author/Found by: loneferret Manifacturer/Software link: http://sourceforge.net/projects/php-agenda/files/latest/download Other vulnerability: http://www.exploit-db.com/exploits/18694/ Date found: May 7th 2012 Tested on:...
mysqldumper1.24.4_LFI_XSS_CSRF_PHPEXEC_TRAVERSAL_INFO_DISCLOS
================================================================================================ Vulnerable Software: MySQLDumper Version 1.24.4 Downloaded from: http://sourceforge.net/projects/mysqldumper/files/ MD5 SUM: b62357a0d5bbb43779d16427c30966a1 MySQLDumper1.24.4.zip...
PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities
Title: PHP Volunteer Management getmessages.php SQL Injection Vulnerabilities Author: eidelweiss Twitter: @AriosRandy Website: www.eidelweiss.info Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php Greetz: Devilzc0de, exploit-db, G13 first vuln...
WebCalendar 1.2.4 Remote Code Execution
?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Executionn Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka EgiX mail............:...
PHP Volunteer Management 1.0.2 Cross Site Scripting / SQL Injection
Exploit Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Date: 04/21/12 Author: G13 Twitter: @g13net Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php ToC 0x01 Description 0x02 XSS 0x03 SQL Injection 0x04 Vendor Notification 0x01...
PHP Volunteer Management 1.0.2 Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities Date: 04/21/12 Author: G13 Twitter: @g13net Software Site: https://sourceforge.net/projects/phpvolunteer/ Version: 1.0.2 Category: webapp php ToC 0x01 Description 0x02...
PHP Ticket System Beta 1 - index.php?p SQL Injection
PHP Ticket System Beta 1 - index.php?p SQL Injection Exploit Title: PHP Ticket System Beta 1 'p' SQL Injection Date: 04/16/12 Author: G13 Twitter: @g13net Software Site: http://sourceforge.net/projects/phpticketsystem/ Version: Beta 1 Category: webapp php Description PHP Ticket System is a small...
WebCalendar 1.2.4 - Remote Code Execution
WebCalendar 1.2.4 - Remote Code Execution ?php / ----------------------------------------------------------------------- WebCalendar = 1.2.4 install/index.php Remote Code Executionn Exploit ----------------------------------------------------------------------- author..........: Egidio Romano aka...
vTiger CRM 5.1.0 - Local File Inclusion
Exploit Title: VTiger CRM Google Dork: None Date: 20/03/2012 Author: Pi3rrot Software Link: http://sourceforge.net/projects/vtigercrm/files/vtiger%20CRM%205.1.0/ Version: 5.1.0 Tested on: CentOS 6 CVE : none We have find this vulnerabilitie in VTiger 5.1.0 In this example, you can see a Local fil...
PHPWPOS Change Admin User And Password ( All Version )
Exploit for php platform in category web applications author : L3b-r1'z Title : PHPWPOS Change Admin User And Password All Version Dork : allintext: "2006 © Moisés Sequeira http://www.ptwebserve.com/phpwpos" Download : http://sourceforge.net/projects/phpwpos/files/phpwpos/ Contact : email protect...
Adobe releases open source malware classification tool
Adobe releases open source malware classification tool Adobe Systems has released a malware classification tool in order to help security incident first responders, malware analysts and security researchers more easily identify malicious binary files. The 'Adobe Malware Classifier' tool uses...
e-ticketing - SQL Injection
e-ticketing - SQL Injection 'e-ticketing' SQL Injection CVE-2012-1673 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in loginscript.php that allows for SQL injection of the 'username' and 'password' POST parameters. II. TEST...
Hotel Booking Portal - SQL Injection
Hotel Booking Portal - SQL Injection 'Hotel Booking Portal' SQL Injection CVE-2012-1672 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in getcity.php that allows for SQL injection of the 'country' POST parameter. II. TESTED...
phpPaleo - Local File Inclusion
phpPaleo - Local File Inclusion 'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on...