5 matches found
XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XMB = 1.9.6 'u2uid' SQL injection / admin credentials disclosure\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n; echo dork: \Powered by XMB\n\n; / works with magicquotes=off Mysql = 4....
CVE-2006-4191
Directory traversal vulnerability in memcp.php in XMB Extreme Message Board 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server...
XMB 1.9.6 Final - 'basename()' Remote Command Execution
!/usr/bin/php -q -d shortopentag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; / works regardless of php.ini settings /...
XMB 1.9.6 - 'mq=off' 'u2uid' SQL Injection
!/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs / if $argc5 echo "Usage: php ".$argv0." host path username password OPTIONS\n"; echo "host: target server ip/hostname\n"; echo "path: path to XMB \n"; echo "user/pass: you need a valid user account\n"; echo "Options:\n"; echo " -Tprefix...
XMB 1.9.6 - mqoff u2uid SQL Injection
XMB 1.9.6 - mqoff u2uid SQL Injection !/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs / if $argc5 echo "Usage: php ".$argv0." host path username password OPTIONS\n"; echo "host: target server ip/hostname\n"; echo "path: path to XMB \n"; echo "user/pass: you need a valid user account\n";...