QuickDev 4 (download.php file) File Disclosure Vulnerability

Exploit for unknown platform in category web applications ============================================================ QuickDev 4 download.php file File Disclosure Vulnerability ============================================================ + QuickDev 4 Php download.php file Arbitrary File Download...

Unfixed XSS vulnerability at www.clickindia.com

Security researcher austinator, has submitted on 08/03/2009 a cross-site-scripting XSS vulnerability affecting www.clickindia.com, which at the time of submission ranked 1160 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 07/07/2009. It is...

Arab Portal 2.2 - mod.php Local File Inclusion

Arab Portal 2.2 - mod.php Local File Inclusion || || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ...

URA 3.0 SQL Injection

--------------------------------------------------- URA 3.0 cat remote SQL injection Vulnerability --------------------------------------------------- + Author : Chip D3 Bi0s + Email : chipdebiosalt+64gmail.com + Group : LatinHackTeam + Vulnerability : SQL injection ---------info...

Limny 1.01 - Authentication Bypass

Limny 1.01 Auth Bypass SQL Injection Vulnerability + Discovered By SirGod + http://insecurity-ro.org + http://h4cky0u.org + Script Homepage : http://www.limny-project.com/ + SQL Injection Vulnerability - Notes : magicquotesgpc = off - Vulnerable code in includes/functions.php...

Scripteen Free Image Hosting Script 2.3 - SQL Injection

Scripteen Free Image Hosting Script 2.3 - SQL Injection =================== Scripteen Free Image Hosting Script v2.3 SQL Injection vulnerable =================== The vulnerable: header.php line 53-62 $userid=$SESSION'userid'; $usergid=$SESSION'usergid'; if !$userid || empty$userid || $userid==""...

ZenPhoto 1.2.5 Blind SQL Injection

/ ZenPhoto 1.2.5 Completly Blind SQL Injection Exploit Requirements: magicquotes = ANY zenpage disables it anyway, ZenPage needs to be activated and have at least one news category What does this exploit let you do: The precoded functions I provided will allow you to extract the username and...

Mobilelib Gold 3.0 - Local File Disclosure

|| || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ\ /QQQQ/ \QQQQ\ /QQ\QQQQ/ \QQQQ\ \QQQQQQQ/ \QQQQQ...

Pirch IRC 98 Client (response) Remote BOF Exploit (SEH)

Exploit for windows platform in category remote exploits ======================================================= Pirch IRC 98 Client response Remote BOF Exploit SEH ======================================================= !/usr/bin/python Usage : python pirch.py | || | / \ | | | | | | | | | - | | ...

DB Top Sites 1.0 (index.php u) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= DB Top Sites 1.0 index.php u Local File Inclusion Vulnerability ================================================================= + DB Top Sites v1.0 index.php u Local File...

DB Top Sites 1.0 Local File Inclusion

DB Top Sites v1.0 index.php u Local File Inclusion Vulnerability + Discovered By SirGod + www.mortal-team.org + Local File Inclusion - Vulnerable code is everywhere ------------------------------------------------------------------------------------------------------- if $u != "" if fileexists...

impleo music Collection 2.0 - SQL Injection / Cross-Site Scripting

Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off - Vulnerable code in /admin/login.php...

impleo music Collection 2.0 - SQL Injection Cross-Site Scripting

impleo music Collection 2.0 - SQL Injection Cross-Site Scripting + Impleo Music Collection 2.0 SQL/XSS Multiple Remote Vulnerabilities + Download: http://sappy.dk/impleo/download-impleo + Discovered By SirGod + www.mortal-team.org + SQL Injection Auth Bypass - Requirements : magicquotesgpc = off ...

4images 1.7.7 Bypass / Cross Site Scripting

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=- --------------------------------------------------------------------------------- ; Magic quotes...

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting

4Images 1.7.7 - Filter Bypass HTML Injection Cross-Site Scripting || || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: 4images = 1.7.7 - filter bypass HTML injection/XSS =INFO: =BUY: =DORK: -=/:Conditions:=-...

EgyPlus 7ml 1.0.1 SQL Injection

|| || | || o,7 || . o7 || q||| o\, : / / . =By: Qabandi =Email: iqaahotmail.fr From Kuwait, PEACE... =Vuln: EgyPlus 7ml query"select name,pass from admin where name = '$username' and pass = '$password' "; $AdminInfo=$hazemali-numrows$sql; if$AdminInfo==1 ---- Checks if MySQL statement is true...

Movie PHP Script 2.0 Code Execution

Movie PHP Script v2.0 Remote PHP Code Execution + Discovered By SirGod + www.mortal-team.org + Remote PHP Code Execution - Vulnerable code in system/services/init.php : --------------------------------------------------------------------------------- Line 84 : @evalstripslashes$REQUEST'anticode';...

Movie PHP Script 2.0 - init.php?anticode Code Execution

Movie PHP Script 2.0 - init.php?anticode Code Execution + Movie PHP Script v2.0 Remote PHP Code Execution + Discovered By SirGod + www.mortal-team.org + Remote PHP Code Execution - Vulnerable code in system/services/init.php :...

Movie PHP Script 2.0 - 'init.php?anticode' Code Execution

Movie PHP Script v2.0 Remote PHP Code Execution + Discovered By SirGod + www.mortal-team.org + Remote PHP Code Execution - Vulnerable code in system/services/init.php : --------------------------------------------------------------------------------- Line 84 : @evalstripslashes$REQUEST'anticode';...

Movie PHP Script 2.0 (init.php anticode) Code Execution Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Movie PHP Script 2.0 init.php anticode Code Execution Vulnerability ===================================================================== + Movie PHP Script v2.0 Remote...