11 matches found
PHP-Nuke Top Module SQL Injection
Exploit Title: PHP-Nuke SQL injection Top Module + protection Bypass Google Dork: intext: Powered by PHP-Nuke Date: 2024-10-07 Exploit Author: Emiliano Febbi Vendor Homepage: https://phpnuke.org/ Software Link: https://sourceforge.net/projects/phpnuke/files/phpnuke/ Version: 6.x New concept of...
Mozilla: Alert dialog could have been spoofed on another site
The Mozilla Foundation Security Advisory describes this flaw as: Through a series of API calls and redirects, an attacker-controlled alert dialog could have been displayed on another website with the victim website's URL shown...
webkitgtk: Integer overflow leading to arbitrary code execution
A flaw was found in the webkitgtk package. Affected versions of this package could allow a remote attacker to execute arbitrary code on the system caused by an integer overflow in the WebKit component. An attacker can execute arbitrary code on the system by persuading a victim to visit a speciall...
CS-Cart 1.3.3 - authenticated RCE
Exploit Title: CS-Cart authenticated RCE Date: 2020-09-22 Exploit Author: 0xmmnbassel Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html Tested at: ver. 1.3.3 Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit ...
Automattic: Denial of service to WP-JSON API by cache poisoning the CORS allow origin header
The WP-JSON implementation on some wordpress.com websites I've tested is vulnerable to denial of service where by an attacker can provide an arbitrary Origin header in the request, which is then echoed back in the response via the Access-Control-Allow-Origin header, which is cached and served to...
YourTube <= 2.0 Arbitrary Database Disclosure Exploit
No description provided by source. ? //= exploit : YourTube = 2.0 Remote SQL Database Disclosure //= info : http://www.ac4p.com //= DORK: powered by yourtube //= found by: Security Code Team - thanks for sniper code and Qabandi -- //= our home: WwW.Sec-Code.com //= greats 4 our members in our hom...
Oxygen2PHP 1.1.3 - 'forumdisplay.php' Blind SQL Injection
!/usr/bin/perl 0-Day Oxygen2PHP newGET = $Host; my $HTTP = new LWP::UserAgent; my $Referrer = "http://warwolfz.altervista.org/"; my $DefaultTime = request$Referrer; sub BlindSQLJnjection my $dec,$hex = @; return "./forumdisplay.php?fid=-1'+OR+1!=SELECT...
SAS Hotel Management System Authentication Bypass
--------------------------------------------------------- Portal Name: SAS Hotel Management System Author : PouyaServer , [email protected] mailto:[email protected] Vulnerability : Auth Bypass SQL Injection Vulnerability --------------------------------------------------------- Auth...
Flatnuke 3 Cookie Grabber Exploit
titolo" name="name" type="text" / Immagine File -- "alert69%3B...
MyCMS <= 0.9.8 Remote Command Execution Exploit
Exploit for unknown platform in category web applications =============================================== MyCMS 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0;...
Frame spoofing using document.open() — Mozilla
shutdown demonstrated a way to inject content into a sub-frame of another site using targetWindow.framesn.document.open, making the attackers content look like it was part of the victim site. Similar in effect to MFSA 2005-51...