Travelon Express CMS 6.2.2 - Multiple Vulnerabilities

Travelon Express CMS 6.2.2 - Multiple Vulnerabilities Title: ====== Travelon Express CMS v6.2.2 - Multiple Web Vulnerabilities Date: ===== 2012-05-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=530 VL-ID: ===== 530 Common Vulnerability Scoring System:...

WHMCS Simple Scanner (submitticket.php) Based [CVE-2012-0693]

Exploit for php platform in category web applications !/bin/bash BETA 0.01 clear cont=0 total=$1 total2=expr $total \ 10 PAGES=echo $total2| sed 's/.$//' dork=$2 seconds=$3 $ -eq 0 && echo "Usage: $0 $1 example: 10 submitticket.php 0 "; exit 1; function scan echo "" grep -o 'http://^".php'...

Car Portal CMS v3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provides functionality for the private sellers to sign up, list their c...

Car Portal CMS 3.0 - Multiple Vulnerabilities

Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provid...

Car Portal CMS 3.0 - Multiple Vulnerabilities

Car Portal CMS 3.0 - Multiple Vulnerabilities Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product fo...

Car Portal CMS v3.0 - Multiple Web Vulnerabilities

Document Title: =============== Car Portal CMS v3.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=502 Release Date: ============= 2012-04-23 Vulnerability Laboratory ID VL-ID: ==================================== 502...

tty from web shell

эмулятор nc -l -s ADDR -p PORT ввод/вывод которого управляется через файлы in/out написан для получения tty из под веб-шелла tty from web shell с ним из веб шела можно юзать su, запускать эксплоиты и получать рута пример работы: Код: ./ttyServer.pl Server is ready at 127.0.0.1:43157 ./ttyClient.p...

Docebo LMS 4.0.4 SQL Injection / Code Execution

if$GLOBALS'modname' != '' $modulecfg =& createModu...

P.A.S. (php web-shell)

P.A.S. v.3.0.x Возможности : - Авторизация по кукам. - Шифрование шелла по вашему паролю сразу при скачивании. - Файловый менеджер : групповое удаление, перемещение, копирование, скачка и загрузка файлов и директорий. переименование и создание файлов и директорий. правка, просмотр, изменении...

WSO Web Shell 2.5.1 Download

This utility provides a Web interface for remote operation c operating system and its service / daemon. Opportunity Description / features: Authorization for cookies Server Information File manager copy, rename, move, delete, chmod, touch, creating files and folders View, hexview, editing,...

WSO Web Shell 2.5.1 Download

This utility provides a Web interface for remote operation c operating system and its service / daemon. Opportunity Description / features: Authorization for cookies Server Information File manager copy, rename, move, delete, chmod, touch, creating files and folders View, hexview, editing,...

CMS Lokomedia 1.5 arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

CMS Lokomedia is a php-based content management system. CMS Lokomedia 1.5 arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: CMS Lokomedia 1.5 Arbitary file upload vulnerability Software: CMS Lokomedia Vendor: http://bukulokomedia.com/home Vuln...

Phpbuddies arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Phpbuddies is an open-source article Directory System, Phpbuddies in the presence of arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: Phpbuddies 0day Arbitrary Upload File Vulnerability Author : Xr0b0t [email protected] Homepage :...

IF-CMS 2.07 - Local File Inclusion (1)

IF-CMS 2.07 - Local File Inclusion 1 !/usr/bin/python INFORMATION Exploit Title: If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit Author: TecR0c Date: 13/3/2011 Software link: http://bit.ly/hh9ZB4 Tested on: Linux bt Version: 2.07 PHP.ini Settings: gpcmagicquotes = Off import...

IF-CMS 2.07 - Local File Inclusion (1)

!/usr/bin/python INFORMATION Exploit Title: If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit Author: TecR0c Date: 13/3/2011 Software link: http://bit.ly/hh9ZB4 Tested on: Linux bt Version: 2.07 PHP.ini Settings: gpcmagicquotes = Off import...

PPS 4.0 perl-cgi web shell

PPS 4.0 perl-cgi web shell Данная утилита предназначенна для системных администраторов для удаленного управления своим сервером. Любое незаконное использование скрипта преследуется по закону. SIZE: 55.88 KB last update - 12.07.2013 09:45 Авторизация на cookies SystemInfo - информация о сервере Fi...

WSO 2.5 (web shell)

Данная утилита предоставляет веб-интерфейс для удаленной работы c операционной системой и ее службами/демонами. Описание возможностей / особенности: Авторизация на cookies Информация о сервере Файловый менеджер Копирование, переименование, перемещение, удаление, чмод, тач, создание файлов и папок...

MetInfo 3.0 (fckeditor)upload vulnerability-vulnerability warning-the black bar safety net

MetInfo enterprise website management system using PHP+MYSQL architecture, which uses the FCKeditor online Editor incorrectly configured cause the upload to be utilized, and in some cases upload 1. php. pdf can access to the web shell. Trojan: ? php / MetInfo 3.0 Arbitrary File Upload Exploit...

Как сделать впн из простого вебшелла.

Как сделать впн из вебшелла --- специально для rdot.org --- копирование только со ссылкой на источник Преамбула, или зачем это вообще нужно: Вопрос обеспечения собственной безопасности всегда актуален. Сокс цепочка соксов скрывает от жертвы IP атакующего, но траффик идёт в открытом виде, и может...

Nagios XI 2009R1.2B Multiple CSRF

Advisory Information Advisory ID: NGENUITY-2010-006 Date published: Aug. 7, 2010 Class: Cross-Site Request Forgery CSRF Software Description Nagios XI is the commercial / enterprise version of the open source Nagios project. Vulnerability Description Nagios XI 2009R1.2B is vulnerable to multiple...