Skip to content

Tag: exploit

PmWiki

Published 23/11/2011

<?php /* ————————————————————- PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit ————————————————————- author……………: Egidio Romano aka EgiX mail……………..: n0b0d13s[at]gmail[dot]com software link……..: http://www.pmwiki.org/ affected…

Continuar Lendo …

Leave a Comment

PHP-Nuke

Published 23/11/2011

#!/usr/bin/perl # [0-Day] PHP-Nuke <= 8.1.0.3.5b (Downloads) Remote Blind SQL Injection # Date: 2010.07.04 after 50 days the bug was discovered. # Author/s: Dante90, WaRWolFz…

Continuar Lendo …

Leave a Comment

WordPress jetpack plugin SQL Injection Vulnerability

WordPress jetpack plugin SQL Injection Vulnerability

Published 21/11/2011

###################################################### # Exploit Title: WordPress jetpack plugin SQL Injection Vulnerability # Date: 2011-19-11 # Author: longrifle0x # software: WordPress # Download:http://wordpress.org/extend/plugins/jetpack/ # Tools: SQLMAP ######################################################…

Continuar Lendo …

Leave a Comment

OSX universal ROP shellcode Testado no SNOW LEOPARD

OSX universal ROP shellcode Testado no SNOW LEOPARD

Published 03/10/2011

; universal OSX dyld ROP shellcode ; tested on OS X 10.6.8 ; ; if you don’t want to compile, copy stage0 code from precompiled.txt…

Continuar Lendo …

Leave a Comment

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF

NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF

Published 23/09/2011

Sense of Security – Security Advisory – SOS-11-011 Release Date. 20-Sep-2011 Last Update. – Vendor Notification Date. 22-Mar-2011 Product. NETGEAR Wireless Cable Modem Gateway CG814WG…

Continuar Lendo …

3 Comments

JAKCMS PRO

Published 23/09/2011

# Exploit Title: JAKCMS PRO < = 2.2.5 Remote Arbitrary File Upload Exploit # Google Dork: "Powered By JAKCMS" # Date: 21/09/2011 # Author: EgiX…

Continuar Lendo …

Leave a Comment

Multiple WordPress Plugin timthumb.php Vulnerabilites

Multiple WordPress Plugin timthumb.php Vulnerabilites

Published 23/09/2011

# Exploit Title: Multiple WordPress timthumb.php reuse vulnerabilities # Date: 09/19/2011 # Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing) — Description — The following WordPress…

Continuar Lendo …

3 Comments

Cisco TelePresence Multiple Vulnerabilities – SOS-11-010

Cisco TelePresence Multiple Vulnerabilities – SOS-11-010

Published 23/09/2011

Sense of Security – Security Advisory – SOS-11-010 Release Date. 19-Sep-2011 Last Update. – Vendor Notification Date. 21-Feb-2011 Product. Cisco TelePresence Series Platform. Cisco Affected…

Continuar Lendo …

Leave a Comment

WordPress Relocate Upload Plugin 0.14 Remote File Inclusion

WordPress Relocate Upload Plugin 0.14 Remote File Inclusion

Published 23/09/2011

# Exploit Title: Relocate Upload WordPress plugin RFI # Google Dork: inurl:wp-content/plugins/relocate-upload # Date: 09/19/2011 # Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing) # Software…

Continuar Lendo …

Leave a Comment

WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion

WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion

Published 23/09/2011

# Exploit Title: Mini Mail Dashboard Widget WordPress plugin RFI # Google Dork: inurl:wp-content/plugins/mini-mail-dashboard-widget # Date: 09/19/2011 # Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)…

Continuar Lendo …

Leave a Comment

WordPress PureHTML plugin

WordPress PureHTML plugin

Published 06/09/2011

# Exploit Title: WordPress PureHTML plugin < = 1.0.0 SQL Injection Vulnerability # Date: 2011-08-31 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) # Software Link: http://downloads.wordpress.org/plugin/pure-html.1.0.0.zip…

Continuar Lendo …

Leave a Comment

WordPress yolink Search plugin

WordPress yolink Search plugin

Published 06/09/2011

# Exploit Title: WordPress yolink Search plugin < = 1.1.4 SQL Injection Vulnerability # Date: 2011-08-30 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) # Software Link:…

Continuar Lendo …

Leave a Comment

WordPress wp audio gallery playlist plugin

WordPress wp audio gallery playlist plugin

Published 06/09/2011

# Exploit Title: WordPress wp audio gallery playlist plugin < = 0.12 SQL Injection Vulnerability # Date: 2011-08-30 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) #…

Continuar Lendo …

Leave a Comment

WordPress Crawl Rate Tracker plugin

WordPress Crawl Rate Tracker plugin

Published 06/09/2011

# Exploit Title: WordPress Crawl Rate Tracker plugin < = 2.0.2 SQL Injection Vulnerability # Date: 2011-08-30 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) # Software…

Continuar Lendo …

Leave a Comment

WordPress Event Registration plugin

WordPress Event Registration plugin

Published 06/09/2011

# Exploit Title: WordPress Event Registration plugin < = 5.4.3 SQL Injection Vulnerability # Date: 2011-08-30 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) # Software Link:…

Continuar Lendo …

Leave a Comment

WordPress Contus HD FLV Player plugin

WordPress Contus HD FLV Player plugin

Published 18/08/2011

# Exploit Title: WordPress Contus HD FLV Player plugin < = 1.3 SQL Injection Vulnerability # Date: 2011-08-17 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) #…

Continuar Lendo …

Leave a Comment

WordPress File Groups plugin

WordPress File Groups plugin

Published 18/08/2011

# Exploit Title: WordPress File Groups plugin < = 1.1.2 SQL Injection Vulnerability # Date: 2011-08-17 # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm) # Software Link:…

Continuar Lendo …

Leave a Comment

WP E-commerce plugin

WP E-commerce plugin

Published 08/08/2011

# Exploit Title: WP E-commerce plugin < = 3.8.4 Sql Injection # Google Dork: inurl:page_id= “Your billing/contact details” # Date: 18/07/2011 # Author: IHTeam #…

Continuar Lendo …

Leave a Comment

Joomla Component (com_jdirectory) SQL Injection Vulnerability

Joomla Component (com_jdirectory) SQL Injection Vulnerability

Published 08/08/2011

===================================================================== .__ .__ __ .__ .___ ____ ___ _________ | | ____ |__|/ |_ |__| __| _/ _/ __ \ / /____ | | /…

Continuar Lendo …

Leave a Comment

MyBB MyTabs (plugin) 0day SQL injection vulnerability

MyBB MyTabs (plugin) 0day SQL injection vulnerability

Published 08/08/2011

===================================================================== MyBB 0day MyTabs (plugin) SQL injection vulnerability ===================================================================== # Exploit title : MyBB 0day MyTabs (plugin) SQL injection vulnerability. # Author: AutoRUN & dR.sqL…

Continuar Lendo …

Leave a Comment