Lucene search
+L

104 matches found

Kitploit
Kitploit
added 2015/04/04 11:6 p.m.24 views

Commix - Automated All-in-One OS Command Injection and Exploitation Tool

Commix short for command injection exploiter has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...

8.4AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit

No description provided by source. html head titleVHCS version = 2.4.7.1 PoC. By RoMaNSoFt/title script language=JavaScript function submitform if document.adminadduser.username.value=='admin' alert'Learn to read before launching an exploit, script-kiddie!'; exit;...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.32 views

Joomla Component joomlaXplorer <= 1.6.2 - Remote Vulnerabilities

No description provided by source. ------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix = Script : Joomla and Mambo Component joomlaxplorer = versi...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.555 views

Oracle Forms and Reports 11.1 - Remote Exploit

No description provided by source. !/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen [email protected] Credits to: @misssudo for initial disclosure...

6.4CVSS9.3AI score0.98695EPSS
Exploits11
Exploit DB
Exploit DB
added 2012/06/06 12:0 a.m.35 views

SN News 1.2 - &#039;visualiza.php&#039; SQL Injection

\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/snnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "visualiza.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2011/08/14 12:0 a.m.40 views

Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection

Exploit title: Contrexx Shopsystem Blind SQL Injection Exploit Exploit PoC: index.php?section=shop&productId=VALID productid and YOUR BLIND SQL CODE Exploit tested on: Debian 6, Ubuntu Linux 11.04 Exploit found and written by: Penguin Version: = [email protected] !/usr/bin/php...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2010/02/18 6:0 p.m.31 views

CVE-2010-0648

Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...

4.3CVSS5.9AI score0.01245EPSS
Exploits1References2
NVD
NVD
added 2010/01/14 7:30 p.m.21 views

CVE-2010-0315

WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the...

5CVSS8.5AI score0.06894EPSS
Exploits2References16
UbuntuCve
UbuntuCve
added 2010/01/14 7:30 p.m.19 views

CVE-2010-0314

Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value...

5CVSS5.9AI score0.07462EPSS
Exploits2References3
Cvelist
Cvelist
added 2010/01/14 7:0 p.m.25 views

CVE-2010-0314

Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value...

8.8AI score0.07462EPSS
Exploits2References6
CVE
CVE
added 2010/01/14 7:0 p.m.52 views

CVE-2010-0314

The connected SSV entry (SSV:19008) documents CVE-2010-0314 as a redirect-target disclosure in Apple Safari: if a site URL is placed in the HREF of a stylesheet LINK element, a user’s session can read document.styleSheets[0].href to reveal the redirect URL. It notes Safari 4.0.4 and describes the...

5CVSS8.5AI score0.07462EPSS
Exploits2References6Affected Software1
Packet Storm
Packet Storm
added 2009/08/18 12:0 a.m.29 views

BaBB 2.8 Code Injection

!usr/bin/python BaBB 2.8 Full Code Injection Exploit AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2009/05/04 12:0 a.m.19 views

Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit

No description provided by source. !/usr/bin/perl -w Winn ASP Guestbook 1.01 Beta Database Disclosure Exploit Found By : ZoRLu Home: yildirimordulari.com , dafgamers.com , z0rlu.blogspot.com Not: Bana Bug BulamIyorum, YapamIyorum Demeyin a.q Elin Gavuru YapIyor Sizler Niye YapamIyorsunuz...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/10/07 12:0 a.m.30 views

TorrentTrader Classic 1.04 - Blind SQL Injection

TorrentTrader Classic 1.04 - Blind SQL Injection ====================================================== == TorrentTrader Classic NamE : TorrentTrader Classic == version : 1.04 == Download : www.torrenttrader.org ====================================================== == AuThOr : BazOka-HaCkEr ==...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/01 12:0 a.m.57 views

PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution

Date: 02/07/08 Note I modified a bit phpsploit for this exploit, because PHP Nuke plays with REQUESTURI var ... Requirements registerglobals=On phpreter phpreter is really easy to use: You can change mode using "mode=", with = sql, php or cmd If you want to understand how it work ... read the cod...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/26 12:0 a.m.32 views

dbhcms-rfi.txt

!/usr/bin/perl DBHcms $shellurl = "http://localhost/s.txt"; print " DBHcms ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to evaluate? "; chomp$code=; $code = s/|new; $ua-timeout10; $ua-envproxy; $response = $ua-post$target,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/11 12:0 a.m.27 views

openrealty-exec.txt

!/usr/bin/perl Vendor url: www.open-realty.org note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Open-Realty ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to evaluate? ";...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/02/11 12:0 a.m.31 views

journalness-exec.txt

!/usr/bin/perl Vendor url: journalness.sourceforge.net note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Journalness ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/02/09 12:0 a.m.20 views

Journalness 4.1 - last_module Remote Code Execution

Journalness 4.1 - lastmodule Remote Code Execution !/usr/bin/perl Vendor url: journalness.sourceforge.net note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Journalness ; if$target ! /^http:/// $target = "http://".$target;...

0.4AI score
Exploits0
seebug.org
seebug.org
added 2007/07/04 12:0 a.m.22 views

phpEventCalendar &lt;= 0.2.3 (eventdisplay.php) SQL Injection Exploit

No description provided by source. !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print " phpEventCalendar = v0.2.3 SQL Injection Exploit By Iron - ironwarez.info Thanks to Silentz for the help : Greets to everyone at RootShell Security Group & dHack Example target url:...

7.1AI score
Exploits0
Rows per page
Query Builder