Discovered By
print "################################################"
print " VigileCMS <= 1.8 Stealth "
print " Remote Command Execution "
print " "
print " Discovered By The:Paradox "
print " "
print " Usage: "
print " %s [Target] [Path] " % (sys.argv[0])
print " "
print " Example: "
Hello,,
Google Chrome Auto download exploit ..
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
Tested Successfully on Google Chrome Build 1798
/***************************************************************\
* WinSoftMagic Photo Editor .PNG File Buffer Overflow *
* *
* This sploit runs calc.exe or bind to port 4444. *
* Tested On Win XP SP2 & Win VisTa 2008 *
* Code & Discovered By: eidelweiss *
* *
* This Made For Educational purpose only *
* Author will not responsible for any damage *
* *
* *
Date Discovered
---------------
October 14, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Corey LeBleu and r@b13$
Vulnerability Description
Date Discovered
---------------
March 10th, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and princeofnigeria and r@b13$
Vulnerability Description
GetBlog local File inclusion ..
http://sourceforge.net/projects/geblog
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
Exploit : -
tested on:
cPanel V 11.18.3
cPanel V 11.21.0-BETA
Discovered By Linux_Drox
Soon : Bypass Security of servers On cPanel 11.x
www.LeZr.Com
S-H-T
=================================================
Discovered By: CrAzY CrAcKeR
Email: CrAzY_CrAcKeR(at)hotmail(dot)com
================================================
example:-
http://www.example.info/rubrique.php?id=-1+union+select+1,2,us_login,us_password,5,6,7,8,9,10,11,12,13,14+from+a_users_f
Affected OS:
FreeBSD 6.3 [TESTED & FOUND]
FreeBSD 6.2 [TESTED & FOUND]
Discovered By : INTECO-CERT, David Reguera Garcia, david.reguera@inteco.es
POC exploit by : INTECO-CERT, David Reguera Garcia, david.reguera@inteco.es
Remote : NO
Execution of code : NO
Privilege escalation : NO
Discovered By : Arsalan Emamjomehkashan
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection
Website:http://aeries.com/
SQL injection:
GradebookOptions.asp?GrdBk=SQL
loginproc.asp If you post variable "SchlCode"
XSS:
UserName variable on loginproc.asp and usr on Login.asp
Hello,,
PHPEchoCMS Multiple remote vulnerabilities
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
MyBlog (MyCMS) Remote PHP Code execution / PHP Code injection ..
http://sourceforge.net/projects/myblog/
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
Exploit : -
Date Discovered
---------------
October 21st 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Steven James and r@b13$
Vulnerability Description
Tested Version: 1.0.4
Threat Class: XSS
Severity: Medium
Remote: yes
Local: no
Discovered By: Andrei Rimsa Alvares
===== Description =====
Pligg is prone to an XSS vulnerability in the installation file: install/install1.php. The variable "language" - obtained from an HTTP request - can be manipulated to execute JavaScript code via onmouseover-like functions. Even with the two sanitizers used (strip_tags and addslashes), it is possible to bypass the double-quote jail of the value field in the input tag by passing a double quote via the "language" variable.
Date Discovered
---------------
January 19th 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: David Marshall and r@b13$
Vulnerability Description
Severity
--------
High
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: princeofnigeria and r@b13$
Date Discovered
**************************************************************
Application: VirtueMart
Version affected: <= 1.1.6
Website: http://www.virtuemart.net/
Discovered By: Andrea Fabrizi
Email: andrea.fabrizi@gmail.com
Web: http://www.andreafabrizi.it
Vuln: Blind SQL Injection
**************************************************************
Date Discovered
---------------
March 12, 2012
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$
Vulnerability Description
In the Script Xoops-2.0.16 are Remote File Inclusion Bugs
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Script : xoops-2.0.16-Kararli
Discovered By : F10
Contact : by_f10@hotmail.com
WebSite : http://by-f10.com
Greetz : by_emR3 , H0tturk , TaRanTuLa ,
gsy , ercu_145 ,
LupuS,m0sted,CyberGhost ... .
Date Discovered
---------------
October 23, 2008
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Shmoov and r@b13$
Vulnerability Description
Hello
Cybershade CMS Remote File include vulnerability
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
Remote File Including
Date Discovered
---------------
November 3, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Alex Kaszczuk, Alan Chin, Jose R. Hernandez and r@b13$
Vulnerability Description
Discovered By : Arsalan Emamjomehkashan
admin@arsalank.com
aeries browser interface(ABI) 3.8.2.8 XSS
Website:http://aeries.com/
Log in, add a new event with <script>alert("xss)</script>, and it will work each time you load your homepage
--------------------------------
Aria-Security Team
httP://Aria-Security.Net
Date Discovered
---------------
September 6th, 2011
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: r@b13$
Vulnerability Description
Tested Version: 0.97.0
Threat Class: XSS
Severity: High
Remote: yes
Local: no
Discovered By: Andrei Rimsa Alvares
===== Description =====
The file "modules/slideshowmodule/slideshow.js.php" is prone to XSS vulnerabilities. Multiple instances of the variable $_GET['u'] are output to the page without proper sanitization.
Date Discovered
---------------
May 12, 2009
Discovered By
-------------
Digital Defense, Inc. Vulnerability Research Team
Credit: Geoff Humes and r@b13$
Vulnerability Description
Discovered By : Arsalan Emamjomehkashan
admin@arsalank.com
aeries browser interface(ABI) 3.8.2.8 Remote SQL Injection
Website:http://aeries.com/
GradebookStuScores.asp?GrdBk=SQL
--------------------------
Aria-Security Team
httP://Aria-Security.Net
##################################################################
# Title : online newspaper university "newsdesc.php" SQL Injection Vulnerabilities
#
# Discovered By: CrAzY CrAcKeR
#
# Home : Null
#
# Email : CrAzY_CrAcKeR@hotmail.com.com
#
Hello,,
TorrentTrader Classic Multiple Remote vulnerabilities
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net
On 26 Sep 2007 19:09:17 -0000, security@soqor.net <security@soqor.net> wrote:
> Hello
>
> Joomla multiple vulnerabilities
>
> Discovered By : HACKERS PAL
> Copy rights : HACKERS PAL
> Website : http://www.soqor.net
> Email Address : security (at) soqor (dot) net
>
> Affected Versions