10 matches found
Moderate: Red Hat Security Advisory: glib2 security update
An update for glib2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
FileBuster - An Extremely Fast And Flexible Web Fuzzer
An extremely fast and flexible web fuzzer. Why another fuzzer? My main motivation was to write a script that would allow me to fuzz a website based on a dictionary but that allowed me to filter words on that dictionary based on regex patterns. This necessity came from the frustration of trying to...
PhotoStand 1.2.0 - Remote Command Execution
PhotoStand 1.2.0 - Remote Command Execution !/usr/bin/perl App : PhotoStand 1.2.0 Site : http://www.photostand.org Remote Command Execution Exploit Credits to : Giovanni Buzzin, "Osirys" osirysatautisticidotorg Greets: drosophila, emgent, Fireshot PhotoStand is a used Image Gallery CMS. PhotoStan...
e107 Plugin EasyShop - category_id Blind SQL Injection
e107 Plugin EasyShop - category_id Blind SQL Injection !/usr/bin/perl ------------------------------------------------------------ e107 Plugin EasyShop Remote Blind SQL Injection Exploit By StAkeRathotmaildotit Dork allinurl: e107plugins/easyshop/easyshop.php Example http://www.clan-designs.co.uk...
ADN Forum 1.0b - Blind SQL Injection
!/usr/bin/perl -------------------------------------------------- ADN Forum get$host."/index.php?fid=".$send; if$request-issuccess and $request-content = /hace clic en el boton de abajo/i $hash .= chr$ord; $uid++; ifdefined $hash print "+ MD5: $hash\n"; exit; else print "? Exploit Failed!\n"; exi...
AShop Deluxe 4.x - catalogue.php SQL Injection
AShop Deluxe 4.x - catalogue.php SQL Injection usr/bin/perl use LWP::UserAgent; use HTTP::Cookies; use Getopt::Long; use URI::Escape; -------------------------------------------------------------------------------------------------------------------------------------------------------- x AShop...
xeCMS 1.0.0 RC 2 - cookie Remote Command Execution
xeCMS 1.0.0 RC 2 - cookie Remote Command Execution !/usr/bin/perl xeCMS 1.0.0 RC 2 Remote Command Execution Exploit Copyright c 2006 cijfer All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ greets to JagX $Id: cijfer-xecmsxpl.pl...
xeCMS 1.0.0 RC 2 (cookie) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ========================================================== xeCMS 1.0.0 RC 2 cookie Remote Command Execution Exploit ========================================================== !/usr/bin/perl xeCMS 1.0.0 RC 2 Remote Command Execution Exploit...
EZDatabase 2.0 - db_id Remote Command Execution
EZDatabase 2.0 - db_id Remote Command Execution !/usr/bin/perl ezDatabase Remote Command Execution Exploit based on advisory by Pridels Team Copyright c 2006 cijfer All rights reserved. never ctrl+c again. cijfer$ http://target.com/dir host changed to 'http://target.com/dir' cijfer$ $Id:...
FlatCMS 1.01 - 'file_editor.php' Remote Command Execution
!/usr/bin/perl FlatCMS All rights reserved. An input validation flaw exists within 'admin/file_editor.php' of FlatCMS which can lead to remote command execution. Here is where the problem is line 22 of 97: ... 1 if$savefile != "" 2 $fcontent = stripslashes"$fcontent"; if!$fw = fopen$savefile, w ec...