XCMS <= 1.83 Remote Command Execution Exploit

No description provided by source. Name : XCMS = v1.83 Remote Command Execution Vulnerability Author : x0kster Email : [email protected] Site : ihteam.net Script Download : http://www.xcms.it Date : 28/12/2007 Dork : inurl:mod=notizie The xcms's footerthat is in /dati/generali/footer.dtb is...

Joomla Component com_feedpost XSS vulnerability

Exploit for php platform in category web applications =============================================== Joomla Component comfeedpost XSS vulnerability =============================================== Exploit Title: Joomla comfeedpost XSS vulnerability Date : 17 june 2010 Author : x0kster...

XCMS 1.83 - Remote Command Execution

Name : XCMS So the xcms allow you to modify the footer throught a bugged page called cpie.php included in the admin panel. So let's take a look to the bugged code. So with a simple html form we can change the footer. Ex: /textarea input type=...

XCMS 1.83 - Remote Command Execution

XCMS 1.83 - Remote Command Execution Name : XCMS So the xcms allow you to modify the footer throught a bugged page called cpie.php included in the admin panel. So let's take a look to the bugged code. So with a simple html form we can change the footer. Ex: /textarea input type=...

MMSLamp (idpro) Remote SQL Injection Vulnerability

No description provided by source. Name : mmsLamp SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Page : http://www.brand039.com/?service=prodottidettaglio&idpro=4 Date : 22/12/2007 Bug in : default.php PoC :...

mmslamp-sql.txt

Name : mmsLamp SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Page : http://www.brand039.com/?service=prodottidettaglio&idpro=4 Date : 22/12/2007 Bug in : default.php PoC : http://site.com/default.php?service=prodottidettaglio&idpro=SQL Example:...

MMSLamp - idpro SQL Injection

MMSLamp - idpro SQL Injection Name : mmsLamp SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Page : http://www.brand039.com/?service=prodottidettaglio&idpro=4 Date : 22/12/2007 Bug in : default.php PoC : http://site.com/default.php?service=prodottidettaglio&idpro=SQ...

MMSLamp (idpro) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================== MMSLamp idpro Remote SQL Injection Vulnerability ================================================== Name : mmsLamp SQL Injection Vulnerability. Author : x0kster Date : 22/12/2007 Bug in :...

MMSLamp - &#039;idpro&#039; SQL Injection

Name : mmsLamp SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Page : http://www.brand039.com/?service=prodottidettaglio&idpro=4 Date : 22/12/2007 Bug in : default.php PoC : http://site.com/default.php?service=prodottidettaglio&idpro=SQL Example:...

nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability

No description provided by source. Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php ?php ... $intSezioneID = $GET'id'; ... $strSQL =...

nicLOR CMS - sezione_news.php SQL Injection

nicLOR CMS - sezionenews.php SQL Injection Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php So we can exploit the $intSezioneID and...

nicLOR CMS - &#039;sezione_news.php&#039; SQL Injection

Name : nicLOR-CMS SQL Injection Vulnerability. Author : x0kster Email : [email protected] Script Download : http://www.niclor.net/prodotti/16-04-06-niclorcms.zip Date : 21/12/2007 SQL Injection in sezionenews.php So we can exploit the $intSezioneID and execute an sql injection. PoC:...

nicLOR CMS (sezione_news.php) Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================ nicLOR CMS sezionenews.php Remote SQL Injection Vulnerability ================================================================ Name : nicLOR-CMS SQL Injection Vulnerability...

xcms all version arbitrary code execution

!-- - Name : XCMS Arbitrary Command Execution Vulnerability - - Download : http://www.xcms.it/index.php?lng=it&mod=download&pg=indice&c=2 - - Author : x0kster - - Email : x0ksterATgmailDOTcom - - Date : 20-09-2007 - -- html head title-XCMS Arbitrary Command Execution Vuln by x0kster -/title /head...

Vigile CMS v1.8 Multiple Remote XSS Vulnerability

Name : Vigile CMS v1.8 Multiple Remote XSS Vulnerability Download : http://www.itcms.it/ Date : 20-09-2007 Author : x0kster Mail : [email protected] Note : For works, the wiki or the download module must be installed in the site. PoCs : Wiki 1 :...

vigilecms-xss.txt

Name : Vigile CMS v1.8 Multiple Remote XSS Vulnerability Download : http://www.itcms.it/ Date : 20-09-2007 Author : x0kster Mail : [email protected] Note : For works, the wiki or the download module must be installed in the site. PoCs : Wiki 1 :...