8155 matches found
sirang web-based d-control - Multiple Vulnerabilities
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | "" then txt10 ="select from "+ cstrtblname +" where del='false' and id='"+ id +"'" set xx = conn.executetxt10 if not xx.eof then ... lots of files those will have to do input validation from user input are...
Sirang Web-Based D-Control Multiple Remote Vulnerabilities
Exploit for php platform in category web applications ========================================================== Sirang Web-Based D-Control Multiple Remote Vulnerabilities ========================================================== - Title : Sirang Web-Based D-Control Multiple Remote Vulnerabiliti...
sirang web-based d-control - Multiple Vulnerabilities
sirang web-based d-control - Multiple Vulnerabilities ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | "" then txt10 ="select from "+ cstrtblname +" where del='false' and id='"+ id +"'" set xx = conn.executetxt10 if not xx.eof then ... lots of files those will...
Potential attack vector using attachments
Suspicious handling of attachment uploads with filenames containing quotes the quoted ended up being repeated and semicolons semicolon and all subsequent characters were stripped from filename...
Potential attack vector using attachments
Suspicious handling of attachment uploads with filenames containing quotes the quoted ended up being repeated and semicolons semicolon and all subsequent characters were stripped from filename...
Novell Teaming ajaxUploadImageFile Remote Code Execution (CVE-2010-2773)
Novell Teaming is a team workspace and real-time collaboration tool. It enables users to create, share, discuss, and manage information. A remote code execution vulnerability has been reported in Novell Teaming. The flaw is due to an input validation when parsing image uploads. A remote attacker...
Code injection
Opera before 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and the clipboard, which allows user-assisted remote attackers to trigger the uploading of arbitrary files via a crafted web site...
20/20 DataShed SQL Injection Vulnerability
Exploit for php platform in category web applications ========================================== 20/20 DataShed SQL Injection Vulnerability ========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ ...
Opera < 10.60 Multiple Vulnerabilities
The version of Opera installed on the remote host is earlier than 10.60. Such versions are potentially affected by the following issues : - A delay, inserted after a user clicks on a link, is not functioning correctly and allows a user's double-click to interact with the download dialog...
Malicious File Upload
The application server accepted a vbscript file, an HTML file containing JavaScript, and the EICAR test virus as allowed attachments. This means that an attacker could submit a malicious file to the backend, where the file might be launched by another internal RIM employee if they click and open...
Joomla Component com_eportfolio Upload Vulnerability
No description provided by source. Name : Joomla comeportfolio Upload Vulnerability Date : june, 20 2010 Critical Level : HIGH Vendor Url : http://www.joomplace.com/e-portfolio/e-portfolio-description.html Google Dork:inurl:comeportfolio Author : Sid3^effects aKa HaRi shellc99atyahoo.com special...
Active Auction Pro SQL Injection
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...
E-book Store - Multiple Vulnerabilities
E-book Store - Multiple Vulnerabilities ======================================================================================== | Title : E-book Store Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Web Site : http://dl.p30vel.ir/ | Tested...
Joomla! Component com_jesectionfinder - Arbitrary File Upload
-------------------------------------------------------------------------------------- Sid3^effects aKa HaRi Greetz to all Andhra Hackers and ICW MemebersIndian Cyber Warriors Thanks:L0rd ÇrusAdêr,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C| 008,M4n0j,MaYuR ShouTZ:kedar,dec0d3r Catch us at...
GarageSales Remote Shell Upload
Exploit Title: GarageSales Remote Upload Vulnerability Date: 06/04/2010 Author: saidinh0 Software Link: N/A Version: 2004/2008 Tested on: Linux/unix CVE : if exists Code : N/A Email : [email protected] | Intorduction :| Hi everybody , This my first bug Remote Upload Vulnerability and I wish you lik...
Denapars Shop Script - Multiple Vulnerabilities
======================================================================================== | Title : Denapars Shop Script Mullti Vulnerability | Author : indoushka | email : [email protected] | Home : www.iqs3cur1ty.com | Web Site :...
CVE-2010-1097
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.autostart is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the SESSIONdedeadminid parameter, as demonstrated by a request to uploads/include/dialog/selectsoftpost.php...
PHP Advanced Transfer Manager 1.10 - Arbitrary File Upload
======================================================================================== | Title : PHP Advanced Transfer Manager v1.10 Shell Upload Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by PHP Advanced Transfer Manager v1.10 - @2002 Bugada Andrea |...
Max's Photo Album - Arbitrary File Upload
======================================================================================== | Title : Max's Photo Album Shell Upload Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Web Site : www.iq-ty.com ...
Limny Remote Shell Upload
----------exploit Debut Remote File Upload Vulnerability ----------Script Info Moi : JIKO Site : No-exploit.Com Email : : ----------Script Info Site:http : limny.org Download : http://limny.googlecode.com/files/limny-1.01.zip ----------exploit Info 13 Action the first setup register if the regist...