135 matches found
zomplog39-xss.txt
Greetings to --d3hydr8 -r45c4l -baltazar -sinner01 -C1c4Tr1Z - Gabitzu and all darkc0de members ; Author: swappie aka faithlove Email : [email protected] Do researching and share! ; Title: ZompLog 3.9 beta CMS Link: http://www.zomp.nl/user-content/downloads/zomplog/zomplog3.9-beta.zip...
CVE-2008-2349
Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1...
Design/Logic Flaw
Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1...
CVE-2008-2349
Zomplog 3.8.2 and earlier allows remote attackers to gain administrative access by creating an admin account via a direct request to install/newuser.php with the admin parameter set to 1...
CVE-2008-2349
CVE-2008-2349 affects Zomplog,
zomplog-admin.txt
======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 Добавляем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" Повторяем пароль "Confirm password" -------------------------------------------------------------...
zomplog-disclose.txt
Name: "Zomplog 3.8.2 = file disclouse" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: Stack-Terrorist Exploit: http://localhost/path/upload/forcedownload.php?file=forcedownload.php thnx : alah...
Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
No description provided by source. Name: "Zomplog 3.8.2 = file disclouse" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: Stack-Terrorist Exploit: http://localhost/path/upload/forcedownload.php?file=forcedownload.php thnx : alah...
Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit
No description provided by source. ======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 = add admin" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: ArxWolf Discovered On: 16 05 2008 WWW: http://WebXakep.net ICQ...
Zomplog <= 3.8.2 (newuser.php) Arbitrary Add Admin Exploit
Exploit for unknown platform in category web applications ========================================================== Zomplog ДобавлÑем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" ПовторÑем пароль "Confirm...
Zomplog 3.8.2 - newuser.php Arbitrary Add Admin
Zomplog 3.8.2 - newuser.php Arbitrary Add Admin ======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 ДобавлÑем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" ПовторÑем пароль...
Zomplog <= 3.8.2 (force_download.php) File Disclosure Vulnerability
Exploit for unknown platform in category web applications =================================================================== Zomplog = 3.8.2 forcedownload.php File Disclosure Vulnerability =================================================================== Name: "Zomplog 3.8.2 = file disclouse"...
Zomplog 3.8.2 - force_download.php File Disclosure
Zomplog 3.8.2 - forcedownload.php File Disclosure Name: "Zomplog 3.8.2 = file disclouse" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: Stack-Terrorist Exploit: http://localhost/path/upload/forcedownload.php?file=forcedownload.php thnx : alah...
Zomplog 3.8.2 - 'force_download.php' File Disclosure
Name: "Zomplog 3.8.2 = file disclouse" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: Stack-Terrorist Exploit: http://localhost/path/upload/forcedownload.php?file=forcedownload.php thnx : alah milw0rm.com 2008-05-16...
Zomplog 3.8.2 - 'newuser.php' Arbitrary Add Admin
======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 ДобавлÑем админа "Add Admin" /-- Титлы блога "Blog Title" Логин "Username" Пароль "Password" ПовторÑем пароль "Confirm password"...
CVE-2008-2176
Cross-site scripting XSS vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attackers to inject arbitrary web script or HTML via the catname parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attackers to inject arbitrary web script or HTML via the catname parameter...
CVE-2008-2176
Cross-site scripting XSS vulnerability in admin/category.php in Zomplog 3.8.2 allows remote attackers to inject arbitrary web script or HTML via the catname parameter...
CVE-2008-2176
CVE-2008-2176 describes a cross-site scripting (XSS) vulnerability in the Zomplog web app. The affected component is the admin/category.php script in Zomplog 3.8.2, where an attacker can supply input via the catname parameter to inject arbitrary web script or HTML. The available records confirm t...
Vulnerability in Multiple Web Application
I found a link about some web applications vulnerability. 1. Chicomos CMS Configuration File Disclosoure 2. Zomplog 3.8.2 Blog Engine Arbitrary Files Download/Disclosoure 3. Wheatlog Blog Engine Auto Create User See below http://kandangjamur.net/tutorial/multiple-application.txt...