Lucene search

2179 matches found

seebug.org
added 2014/07/01 12:0 a.m., 9 views

k-links directory (sql/xss) Multiple Vulnerabilities

No description provided by source. K-Links Directory SQL-INJECTION, XSS; Application: K-Links Directory; Website:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 19 views

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

No description provided by source. Document Title: Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1235; Release Date: 2014-03-28; Vulnerability Laboratory ID (VL-ID):...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m., 8 views

Joomla OS Property 2.0.2 Unrestricted File Upload

No description provided by source. Exploit Title: Joomla comosproperty Unrestricted File Upload Google Dork: comosproperty Date: 13-07-2012 Author: Daniel Barragan D4NB4R Twitter: @D4NB4R site: http://www.insecurityperu.org/ & http://poisonsecurity.wordpress.com/ Vendor: Ossolution Team...

7.1 AI score
Exploits: 0
Kitploit
added 2014/06/02 8:52 p.m., 25 views

Liffy - Local File Inclusion Exploitation Tool

Liffy is a tool written in Python designed to exploit local file inclusion vulnerabilities using three different techniques that will get you a working web shell. The first two make use of the built-in PHP wrappers php://input and data://. The third makes use of the process control extension call...

7.3 AI score
Exploits: 0, References: 1
seebug.org
added 2014/05/27 12:0 a.m., 20 views

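Destoon B2B 2014-05-21 latest version CSRF getshell

Brief description: upload flaw + CSRF + arbitrary command execution in the admin backend = CSRF getshell. Details: First, the upload flaw: the bundled FCK editor does not validate that uploaded images are legitimate and only checks the file extension. A SWF with a .jpg extension can be uploaded to carry out CSRF. Then the backend command execution: /member/admin/sendmail.inc.php line 151 default: ifisset$send ifisset$preview && $preview $content = stripslashes$content; if$template if$sendtype == 2 $emails = explode"\n",...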

7.1 AI score
Exploits: 0
seebug.org
added 2014/05/15 12:0 a.m., 16 views

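PHPYUN Cloud Talent System admin backend CSRF Getshell

Brief description: The phpyun admin backend does not validate a token, so getshell is possible directly via CSRF. Details: Start with getshell from the backend. The site's configuration file, /plus/config.php, uses double quotes around its key values, which causes a security problem: PHP code can be written inside the double quotes and executed. Modify the configuration file and submit: Then visit /plus/config.php: Notably, because the phpyun backend has no defense against CSRF, we can construct a form and lure an administrator into visiting it, which modifies the configuration file and results in getshell. See the proof of vulnerability for details. Proof of vulnerability:...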

7 AI score
Exploits: 0
Check Point Advisories
added 2014/05/13 12:0 a.m., 2 views

China Chopper Web Shell Remote Code Execution

China Chopper Web Shell is malware designed to infect Web servers. The malware has a Web shell command-and-control (CnC) client binary and a text-based Web shell payload (server component). Post infection, the malware enables remote attackers to execute arbitrary code on affected systems...

5.8 AI score
Exploits: 0
Exploit DB
added 2014/03/31 12:0 a.m., 29 views

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Document Title: Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1235; Release Date: 2014-03-28; Vulnerability Laboratory ID (VL-ID):...

7.4 AI score
Exploits: 0
exploitpack
added 2014/03/31 12:0 a.m., 21 views

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities. Document Title: Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1235; Release Date: 2014-03-28; Vulnerabilit...

0.8 AI score
Exploits: 0
Vulnerability Lab
added 2014/03/28 12:0 a.m., 22 views

Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities

Document Title: Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1235; Release Date: 2014-03-28; Vulnerability Laboratory ID (VL-ID):...

7.1 AI score
Exploits: 0
exploitpack
added 2014/03/26 12:0 a.m., 27 views

Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell

Allied Telesis AT-RG634A ADSL Broadband Router - Web Shell Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing...

10 CVSS, 0.3 AI score, 0.10475 EPSS
Exploits: 7
NVD
added 2014/03/11 1:1 p.m., 19 views

CVE-2014-2321

webshellcmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials...

10 CVSS, 6.7 AI score, 0.9201 EPSS
Exploits: 1, References: 3
Prion
added 2014/03/11 1:1 p.m., 27 views

Design/Logic Flaw

webshellcmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials...

10 CVSS, 7.3 AI score, 0.9201 EPSS
Exploits: 1, References: 3
CERT
added 2014/03/04 12:0 a.m., 26 views

ZTE F460/F660 cable modems contain an unauthenticated backdoor

Overview ZTE F460/F660 cable modems contain an unauthenticated backdoor. Description ZTE F460/F660 cable modems contain an unauthenticated backdoor. The webshellcmd.gch script accepts unauthenticated commands that have administrative access to the device. It has been reported that the...

7.5 AI score
Exploits: 0, References: 2
Kitploit
added 2014/01/15 1:12 a.m., 39 views

[Weevely v1.1] Stealth tiny PHP web shell

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as a stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...

8.4 AI score
Exploits: 0, References: 4
exploitpack
added 2013/12/04 12:0 a.m., 20 views

Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities

Imagam iFiles 1.16.0 iOS - Multiple Web Vulnerabilities. Document Title: Imagam iFiles v1.16.0 iOS - Multiple Web Vulnerabilities; References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1160; Release Date: 2013-12-03; Vulnerability...

7.3 AI score
Exploits: 0
Packet Storm
added 2013/10/16 12:0 a.m., 19 views

Dolibarr ERP/CMS 3.4.0 SQL Injection

Exploit Title: Dolibarr 3.4.0 SQLi Date: 10/7/2013 Exploit author: drone @dronesec More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html Vendor homepage: http://www.dolibarr.org/ Software link: Version: 3.4.0 Fixed in: 3.4.1 Tested on: Ubuntu 12.04...

0.4 AI score
Exploits: 0
0day.today
added 2013/10/15 12:0 a.m., 24 views

Dolibarr ERP/CMS 3.4.0 (exportcsv.php, sondage param) - SQL Injection

Exploit for php platform in category web applications Exploit Title: Dolibarr 3.4.0 SQLi Date: 10/7/2013 Exploit author: drone @dronesec More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html Vendor homepage: http://www.dolibarr.org/ Software link:...

7.1 AI score
Exploits: 0
Exploit DB
added 2013/10/15 12:0 a.m., 36 views

Dolibarr ERP/CRM 3.4.0 - 'exportcsv.php?sondage' SQL Injection

Exploit Title: Dolibarr 3.4.0 SQLi Date: 10/7/2013 Exploit author: drone @dronesec More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html Vendor homepage: http://www.dolibarr.org/ Software link: Version: 3.4.0 Fixed in: 3.4.1 Tested on: Ubuntu 12.04...

7.4 AI score
Exploits: 0
exploitpack
added 2013/10/15 12:0 a.m., 10 views

Dolibarr ERPCRM 3.4.0 - exportcsv.php?sondage SQL Injection

Dolibarr ERPCRM 3.4.0 - exportcsv.php?sondage SQL Injection Exploit Title: Dolibarr 3.4.0 SQLi Date: 10/7/2013 Exploit author: drone @dronesec More information: http://forelsec.blogspot.com/2013/10/dolibarr-340-multiple-vulnerabilities.html Vendor homepage: http://www.dolibarr.org/ Software link:...

0.2 AI score
Exploits: 0