Dokeos Lms 1.8.5 - 'whoisonline.php' PHP Code Injection

striptags$el2'; 108. break; 109. case SORTSTRING : 1...

TotalCalendar 2.4 Local File Inclusion

TotalCalendar 2.4 include Local File Inclusion + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Local File Inclusion Vulnerable code in cmsdetect.php: ------------------------------------------------------------------------------- Line 26 : $include = isset$REQUEST'include' ?...

Creasito e-Commerce 1.3.16 (Auth Bypass) SQL Injection Vuln

No description provided by source. Salvatore "drosophila" Fresta + Application: creasito e-commerce content manager + Version: 1.3.16 + Website: http://creasito.bloghosteria.com + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 20 Apr 2009 + Discovered by: Salvatore "drosophila" Fres...

Creasito E-Commerce SQL Injection

Salvatore "drosophila" Fresta + Application: creasito e-commerce content manager + Version: 1.3.16 + Website: http://creasito.bloghosteria.com + Bugs: A Authentication Bypass + Exploitation: Remote + Date: 20 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila"...

DNS Tools (PHP Digger) Remote Command Execution Vuln

No description provided by source. + DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote Command Execution - Vulnerable code in dig.php ------------------------------------------ $ns = $GET'ns'; system "dig @$ns $host $querytype";...

DNS Tools (PHP Digger) Remote Command Execution Vuln

Exploit for unknown platform in category web applications ==================================================== DNS Tools PHP Digger Remote Command Execution Vuln ==================================================== + DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + Remote...

DNS Tools (PHP Digger) - Remote Command Execution

DNS Tools PHP Digger - Remote Command Execution + DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote Command Execution - Vulnerable code in dig.php ------------------------------------------ $ns = $GET'ns'; system "dig @$ns $host...

DNS Tools Remote Command Execution

DNS Tools PHP Digger Remote Command Execution + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote Command Execution - Vulnerable code in dig.php ------------------------------------------ $ns = $GET'ns'; system "dig @$ns $host $querytype";...

X10Media Mp3 Search Engine < 1.6.2 Admin Access Vulnerability

Exploit for unknown platform in category web applications ============================================================= X10Media Mp3 Search Engine isAdmin header"Location: ../main.php"; else / Administrator is viewing page, so display all forms. / ---------------------------------------- if the...

Family Connections CMS &lt;= 1.8.2 Blind SQL Injection Vulnerability

No description provided by source. Salvatore "drosophila" Fresta + Application: Family Connections + Version: = 1.8.2 + Website: http://www.familycms.com + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 1 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore...

Family Connections 1.8.2 Blind SQL Injection &#40;Correct Version&#41;

Salvatore "drosophila" Fresta + Application: Family Connection + Version: = 1.8.2 + Website: http://www.familycms.com + Bugs: A Blind SQL Injection + Exploitation: Remote + Date: 1 Apr 2009 + Discovered by: Salvatore "drosophila" Fresta + Author: Salvatore "drosophila" Fresta + Contact: e-mail:...

CVE-2008-6547

schema.py in FormEncode for Python python-formencode 1.0 does not apply the chainedvalidators feature, which allows attackers to bypass intended access restrictions via unknown vectors...

BandSite CMS 1.1.4 (members.php memid) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== BandSite CMS 1.1.4 members.php memid SQL Injection Vulnerability ================================================================== + Remote SQL Injection - The script is...

acute control panel 1.0.0 - SQL Injection / Remote File Inclusion

Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- -----------------------------------------------------------...

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution !/usr/bin/php ?php / Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires registerglobals = on. I saw the GLOBAL...

Irokez Blog 0.7.3.2 XSS / RFI / SQL Injection

================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS ================================================================================ Application: Irokez Blog ------------ Website: http://irokez.org --------...

Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability

No description provided by source. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + Gaeste 1.6 gastbuch.php Remote File Disclosure Vulnerability + + + + bd0rk || SOH-Crew + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ = Vendor:...

Gaeste 1.6 File Disclosure

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + Gaeste 1.6 gastbuch.php Remote File Disclosure Vulnerability + + + + bd0rk || SOH-Crew + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ = Vendor: http://www.php4scripte.de/ = Download:...

Gaeste 1.6 (gastbuch.php) Remote File Disclosure Vulnerability

Exploit for unknown platform in category web applications ============================================================== Gaeste 1.6 gastbuch.php Remote File Disclosure Vulnerability ==============================================================...

Mailist 3.0 Insecure Backup/Local File Inclusion Vulnerabilities

No description provided by source. + Mailist 3.0 Insecure Backup/Local File Inclusion + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + www.hellzone.info + www.anti-intruders.org + Homepage : http://ninjadesigns.co.uk/ + Download : http://ninjadesigns.co.uk/enter/mailist.zip +...