Fhimage 1.2.1 Command Execution

!/usr/bin/perl ----------------------------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------------------------- Fhimage 1.2.1 http://www.flash-here.com/downloads/download.php?id=9 Remote...

Fhimage 1.2.1 Remote Command Execution Exploit (mq = off)

No description provided by source. !/usr/bin/perl ----------------------------------------------------------------------------------------------- INFORMATIONS ----------------------------------------------------------------------------------------------- Fhimage 1.2.1...

ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability

No description provided by source. .::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke, TheJT, Maria, Alucard...

ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure

.::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke, TheJT, Maria, Alucard, x0r32 = Vulnerable Code in...

CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== CMScout 2.06 SQL Injection/Local File Inclusion Vulnerabilities =============================================================== + CMScout 2.06 Remote SQL Injection/Local File...

FLDS 1.2a report.php (linkida) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =========================================================== FLDS 1.2a report.php linkida Remote SQL Injection Exploit =========================================================== !/usr/bin/perl -w Free Links Directory Script V1.2a Remote SQ...

phpAddEdit 1.3 Local File Inclusion

phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform"; ... if $errormessage || $error ||...

phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability

No description provided by source. phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform"; ... if...

wbstreet-sqldisclose.txt

=================================================================== Wbstreet v.1.0 show.php id Remote SQL Injection Vulnerability =================================================================== ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team...

ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)

ClamAV 0.94.2 - JPEG Parsing Recursive Stack Overflow PoC / There is a recursive stack overflow in clamav 0.93.3 and 0.94 and probably older versions in the jpeg parsing code. it scan's the jpeg file, and if there is a thumbnail, it'll scan that too. the thumbnail itself is just another jpeg file...

ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)

/ There is a recursive stack overflow in clamav 0.93.3 and 0.94 and probably older versions in the jpeg parsing code. it scan's the jpeg file, and if there is a thumbnail, it'll scan that too. the thumbnail itself is just another jpeg file and the same jpeg scanning function gets called without...

MySQL Quick Admin 1.5.5 Local File Inclusion Vulnerability

No description provided by source. Author: Vinod Sharma Email: [email protected] Date: 05th Nov, 2008 Note: This information is only for educational purpose, author will not bear responsibility for any damages. Directory traversal vulnerability in MySQL Quick Admin 1.5.5 allows remote...

CVE-2008-4866

Multiple buffer overflows in libavformat/utils.c in FFmpeg 0.4.9 before r14715, as used by MPlayer, allow context-dependent attackers to have an unknown impact via vectors related to execution of DTS generation code with a delay greater than MAXREORDERDELAY...

lightblog98-lfi.txt

LightBlog 9.8 GET,POST,COOKIE Multiple Local File Inclusion Vulnerabilies url: http://www.publicwarehouse.co.uk/phpscripts/lightblog.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose. Use it...

Nuke ET <= 3.4 (fckeditor) Remote Arbitrary File Upload Exploit

No description provided by source. ?php / --------------------------------------------------------------- Nuke ET = 3.4 fckeditor Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

mantis-exec.txt

?php / -------------------------------------------------------------------------------- Mantis Bug Tracker = 1.1.3 manageprojpage.php Remote Code Execution Exploit -------------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...

phpwebgallery-hijackexec.txt

$b'.$sort.';' 64. ; An attacker could be able to inject and execute PHP code through $GET'sort', that is passed to createfunction at line 63 see http://www.securityfocus.com/bid/31398. Only admin can access to the plugins management interface, but the attacker might be able to retrieve a valid...

PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ PhpWebGallery = 1.7.2 Remote Session Hijacking / Code Execution Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...

PhpWebGallery <= 1.7.2 Session Hijacking / Code Execution Exploit

Exploit for unknown platform in category web applications ================================================================= PhpWebGallery $b'.$sort.';' 64. ; An attacker could be able to inject and execute PHP code through $GET'sort', that is passed to createfunction at line 63 see...

a4deskphp-rfi.txt

================================================================= ========A4Desk PHP Event Calendar Remote File Inclusion======== ================================================================= Vendor: WebUnion Media Ltd Vendor Site: http://php.a4desk.com/calendar/ Date Discovered: 9-29-08...