abg-rfi.txt

================================================================= ========Africa Be Gone version 1.0a Remote File Inclusion======== ================================================================= Vendor: http://www.africabegone.com Download:...

ABG Blocking Script 1.0a (abg_path) Remote File Inclusion Vulnerability

No description provided by source. ================================================================= ========Africa Be Gone version 1.0a Remote File Inclusion======== ================================================================= Vendor: http://www.africabegone.com Download:...

Coppermine Photo Gallery <= 1.4.18 LFI / Remote Code Execution Exploit

Exploit for unknown platform in category web applications ====================================================================== Coppermine Photo Gallery authenticate; ... 301. // Process language selection if present in URI or in user profile or try 302. // autodetection if default charset is...

PHPX 3.5.16 - Cookie Poisoning / Authentication Bypass

======================================================================= = gnix = gnixmail at gmail dot com http://gnix.netsons.org Application: phpx http://www.phpx.org/project.php stable version Versions: 3.5.16 Platforms: All Bug: Cookie poisoning / Login bypass Date: 31 July 2008...

Coppermine Photo Gallery 1.4.18 - Local File Inclusion / Remote Code Execution

authenticate; ... 301. // Process language selection if present in URI or in user profile or try 302. // autodetection if default charset is utf-8 303. if !empty$GET'lang' 304. 305. $USER'lang' = ereg"^a-z0-9-$", $GET'lang' ? $GET'lang' : $CONFIG'lang'; 306. 307. 308. if isset$USER'lang' &&...

sebraccms-sql.txt

Name: SebracCMS Webiste: http://www.sebrac.netsons.org/cms/ Vulnerability type: SQL Injection Author: shinmai, 2008-06-28 Description: SebracCMS contains two major SQL injection vulnerabilities: Unsanitazed POST-variables in SQL queries when logging users in. This allows login access without prop...

Seagull PHP Framework &lt;= 0.6.4 (fckeditor) Arbitrary File Upload Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...

PHPmotion &lt;= 2.0 (update_profile.php) Remote Shell Upload Exploit

No description provided by source. ?php / ----------------------------------------------------------------- PHPmotion = 2.0 updateprofile.php Remote Shell Upload Exploit ----------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

Seagull PHP Framework 0.6.4 - FCKeditor Arbitrary File Upload

Seagull PHP Framework 0.6.4 - FCKeditor Arbitrary File Upload ?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...:...

PHPmotion 2.0 - &#039;update_profile.php&#039; Arbitrary File Upload

= $limitsize 269. // Display file size error 270. // /////////////////////// 271. $show = 1; 272. $messagetype = $config"notificationsuccess";//the messsage displayed at the top coner 273...

FreeCMS.us 0.2 - &#039;FCKeditor&#039; Arbitrary File Upload

?php / -------------------------------------------------------------- FreeCMS.us 0.2 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- By : Stack Special thnx for : Egix - vulnerable code in...

achievo-upload.txt

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

Flux CMS 1.5.0 - &#039;loadsave.php&#039; Arbitrary File Overwrite

?php / ------------------------------------------------------------------------ Flux CMS = 1.5.0 loadsave.php Remote Arbitrary File Overwrite Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

CMS from Scratch <= 1.1.3 (fckeditor) Remote Shell Upload Exploit

Exploit for unknown platform in category web applications ================================================================= CMS from Scratch = 1.1.3 fckeditor Remote Shell Upload Exploit ================================================================= ?php /...

RoomPHPlanning 1.5 - Multiple SQL Injections

...::::RoomPHPlanning 1.5 SQL Injection Vulnerabilities ::::... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in the...

microssyscms-rfi.txt

microSSys CMS = 1.5 Remote File Inclusion Vulnerability Software site: http://wajox.com/ =============================================================== By Raz0r www.Raz0r.name =============================================================== Vulnerable code index.php@22-25,54-55: 22...

Rgboard &lt;= 3.0.12 (RFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Rgboard 3.0.x Multiple Vulnerabilities RFI/XSS // Author:: e.wiZz! // Site:: www.balcanwarez.com // Contact:: N/A :D =========================================================== // Script :: Rgboard // Vulnerable version :: 3.0.0/3.0.12 // Not vulnerable :: 4.0 /...

Power Editor LOCAL FILE INCLUSION Vulnerbility

..:::::Power Editor LOCAL FILE INCLUSION Vulnerbility ::::... Virangar Security Team www.virangar.net -------- Discoverd By :Virangar Security Team hadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all iranian hackerz greetz:to my best friend in the world...

WordPress Plugin Spreadsheet 0.6 - SQL Injection

WordPress Plugin Spreadsheet 0.6 - SQL Injection =========================================== There's standart sql-injection in Spreadsheet query"SELECT FROM $tablename WHERE id='$id'" == 0 .... == Visit us @ forum.antichat.ru milw0rm.com 2008-04-22...

phpBB Addon Fishing Cat Portal - Remote File Inclusion

phpBB Addon Fishing Cat Portal - Remote File Inclusion Fishing Cat Portal Addon functionsportal.php Remote File Inclusion Exploit //'Bug found and Exploit coded by bd0rk //'Vendor: http://www.foxymods-phpbb.com/ //'Download: http://www.foxymods-phpbb.com/download.php?id=7 //'Contact:...