Lucene search
K

5 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

XMB <= 1.9.6 (u2uid) Remote SQL Injection Exploit (mq=off)

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo XMB = 1.9.6 'u2uid' SQL injection / admin credentials disclosure\n; echo by rgod [email protected]\n; echo site: http://retrogod.altervista.org\n; echo dork: \Powered by XMB\n\n; / works with magicquotes=off Mysql = 4....

7.1AI score
Exploits0
NVD
NVD
added 2006/08/17 1:4 a.m.11 views

CVE-2006-4191

Directory traversal vulnerability in memcp.php in XMB Extreme Message Board 1.9.6 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the langfilenew parameter, as demonstrated by injecting PHP sequences into an Apache HTTP Server...

5.1CVSS7.3AI score0.09403EPSS
Exploits1References9
Exploit DB
Exploit DB
added 2006/08/13 12:0 a.m.40 views

XMB 1.9.6 Final - &#039;basename()&#039; Remote Command Execution

!/usr/bin/php -q -d shortopentag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; / works regardless of php.ini settings /...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/08/01 12:0 a.m.35 views

XMB 1.9.6 - &#039;mq=off&#039; &#039;u2uid&#039; SQL Injection

!/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs / if $argc5 echo "Usage: php ".$argv0." host path username password OPTIONS\n"; echo "host: target server ip/hostname\n"; echo "path: path to XMB \n"; echo "user/pass: you need a valid user account\n"; echo "Options:\n"; echo " -Tprefix...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/08/01 12:0 a.m.20 views

XMB 1.9.6 - mqoff u2uid SQL Injection

XMB 1.9.6 - mqoff u2uid SQL Injection !/usr/bin/php -q -d shortopentag=on = 4.1 allowing subs / if $argc5 echo "Usage: php ".$argv0." host path username password OPTIONS\n"; echo "host: target server ip/hostname\n"; echo "path: path to XMB \n"; echo "user/pass: you need a valid user account\n";...

0.7AI score
Exploits0
Rows per page
Query Builder