1370 matches found
Fantastic News <= 2.1.4 - Multiple Remote File Include Vulnerabilities
No description provided by source. +------------------------------------------------------------------------------------------- + Fantastic News == 2.1.4 CONFIGscriptpath Multiple Remote File Include Vulnerabilities...
WordPress Facebook Promotions plugin <= 1.3.3 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress Facebook Promotions plugin = 1.3.3 SQL Injection Vulnerability Date: 2011-08-28 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/fbpromotions.1.3.3.zip Version: 1.3.3...
Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit
No description provided by source. ?php / Title: Nakid CMS fckeditor Remote Arbitrary File Upload Exploit Developers: www.nakid.org Download : https://sourceforge.net/projects/nakidcms/files/Nakid%20CMS%20v052.rar/download Version: 0.5.2 exploited by ..: eidelweiss details..: works with an Apache...
PHP Album <= 0.3.2.3 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo PHP Album = 0.3.2.3 remote cmmnds xctn\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n; echo - this works with magicquotesgpc=Off & registerglobals=On\r\n; echo dork: \powered by...
SN News <= 1.2 (/admin/loger.php) Admin Bypass SQL Injection
No description provided by source. SN News = 1.2 /admin/loger.php Admin Bypass Remote SQL Injection Vulnerability Google Dork: snews/visualiza.php?id= Bug discovered by Pr0T3cT10n, [email protected] Date: 06/06/2012 Version: 1.2 Software Link: http://phpbrasil.com/script/JHnpFRmSBqlf/sn-news...
Newswriter SW <= 1.42 (editfunc.inc.php) File Include Vulnerability
No description provided by source. ============================================================================================== Newswriter SW = 1.42 NWCONFSYSTEMserverpath Remote File Inclusion Vulnerability...
Arab Portal <= 2.2 (mod.php module) Local File Inclusion Vulnerability
No description provided by source. || || | || o,7 || . o7 || q||| o\, : / / . /QQQQQQQQQQQQQQQQQQQ\ /QQQ/\QQQ\ /QQQQQ/ \QQQQQQ\ /QQQQ/ QQQQ\ /QQQQ/ \QQQQ\ |QQQQ/ By Qabandi \QQQQ| |QQQQ| |QQQQ| |QQQQ| From Kuwait, PEACE... |QQQQ| |QQQQ| |QQQQ| |QQQQ\ iqaahotmail.fr /QQQQ| \QQQQ\ /QQQQ/ \QQQQ...
IRSR <= 0.2 (_sysSessionPath) Remote File Include Vulnerability
No description provided by source. / + + - - - DEVIL TEAM THE BEST POLISH TEAM - - + + + - IRSR - Invisionix Roaming System Remote = 0.2 sysSessionPath Remote File Include Vulnerabilities + + + - Script name: IRSR - Invisionix Roaming System Remote v. 0.2 - Script site: http://www.invisionix.org ...
In-portal 5.0.3 - Remote Arbitrary File Upload Exploit
No description provided by source. ?php / ----------------------------------------------------------------- In-portal 5.0.3 Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-...
WordPress SCORM Cloud plugin <= 1.0.6.6 - SQL Injection Vulnerability
No description provided by source. Exploit Title: WordPress SCORM Cloud plugin = 1.0.6.6 SQL Injection Vulnerability Date: 2011-09-07 Author: Miroslav Stampar miroslav.stamparatgmail.com @stamparm Software Link: http://downloads.wordpress.org/plugin/scormcloud.1.0.6.6.zip Version: 1.0.6.6 tested...
hustoj (fckeditor) Remote Arbitrary File Upload Exploit
No description provided by source. ?php / ----------------------------------------------------------------- hustoj fckeditor Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- Hustoj is HUST ACM OnlineJudge with GNU/GPL v2 License Download :...
QuickTicket <= 1.5 (qti_usr.php id) SQL Injection Vulnerability
No description provided by source. Script name: QuickTicket Site: http://www.qt-cute.org Vulnerability: remote sql injection at qtiusr.php Download: v 1.4: http://www.qt-cute.org/download/qti14.zip v 1.5.0.3: http://www.qt-cute.org/download/qti15.zip Vulnerable code: 1.4 ; 1.5 is pretty the same ...
WORK System E-Commerce <= 3.0.1 - Remote Include Vulnerability
No description provided by source. ============================================================================================ WORK System E-Commerce ginclude Remote File Inclusion Vulnerability ============================================================================================...
PhpMyLogon 2.0 - SQL Injection Vulnerability
No description provided by source. Exploit Title: PhpMyLogon SQL Injection Date: March 14, 2010 Author: Blake Software Link: http://sourceforge.net/projects/phpmylogon/files/PhpMyLogon/PhpMyLogon%202/phpmylogon2.zip/download Version: 2 Tested on: Windows XP SP3 Proof of Concept: Enter the followi...
Nucleus CMS <= 3.22 (DIR_LIBS) Arbitrary Remote Inclusion Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Nucleus = 3.22 arbitrary remote inclusion exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo this is called the \deadly eyes of Sun-tzu\r\n; echo dork: Copyright...
N`CMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit
No description provided by source. !/usr/bin/python INFORMATION Exploit Title: NCMS 1.1E Pre-Auth Local File Inclusion Remote Code Exploit Date: 11/3/2011 Software link: http://bit.ly/eJAyw5 Tested on: Linux bt Version: 1.1E PHP.ini Settings: gpcmagicquotes = Off Note: The web application was luc...
dotProject 2.1.5 - SQL Injection Vulnerability
No description provided by source. Exploit Title: dotProject 2.1.5 SQL Injection Vulnerability Google Dork: intitle:dotproject Date: 2011-12-09 Author: sherl0ck sherl0ckatalligatorteamdotorg @AlligatorTeam Software Link: http://www.dotproject.net/ Version: 2.1.5 tested Tested on: Debian GNU/Linux...
EQdkp <= 1.3.2 (listmembers.php rank) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl -w EQdkp = 1.3.2 SQL Injection Exploit Discovered by: Silentz Payload: Admin Username & Hash Retrieval Website: http://www.w4ck1ng.com Vulnerable Code listmembers.php: $sql = 'SELECT m., m.memberearned-m.memberspent+m.memberadjustment AS...
php recommend <= 1.3 (ab/rfi/ci) Multiple Vulnerabilities
No description provided by source. Php Recommend =1.3 Authentication Bypass/Remote File Include/Code Injection Exploits Author: scriptjunkie scriptjunkie.1 nospam googlemail nospam com Condition: RFI: allowurlfopen = On code injection: magicquotesgpc = Off Exploits: Authentication Bypass: change...
Azucar CMS <= 1.3 (admin/index_sitios.php) File Inclusion Vulnerability
No description provided by source. +------------------------------------------------------------------------------------------- + Azucar CMS = 1.3 VIEW Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Softwar...