Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for July 6th, 2010

linux/x86 bind port to 6678 XOR encoded polymorphic shellcode 125 bytes

Auction_Software Script Admin Login Bypass vulnerability

Name : Auction_Software Script Admin Login Bypass vulnerability
vendor URL : http://www.brotherscripts.com/
Price: $24.95
Author : altbta <l_9[at]hotmail.com>
dork : "PHPAuction GPL Enhanced V2.51 by AuctionCode.com"
Xploit : Auth Bypass
Demo :
http://www.site.com/demos/Auction_Software/admin/
UserName: [...]

IBM Bladecenter Management – Multiple vulnerabilities

Application: IBM BladeCenter Management Module
Versions Affected: BPET48L and may be other versions
Vendor URL: http://www-03.ibm.com/systems/bladecenter/
Bug: XSS, Directory traversal, Information disclosure
Exploits: YES
Reported: 05.09.2009
Vendor response: 09.09.2009
Solution: YES
Date of Public Advisory: 05.07.2010
Author: [...]

Bs Auction Script (articlesdetails.php) Sql injection Vulnerability

+Name : BS Auction <= SQL Injection Vulnerability Exploit
+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Auction
+Price : $24.95
+Language [...]

Auto Dealer <= SQL Injection Vulnerability

+Name : Auto Dealer <= SQL Injection Vulnerability Proof of Concept
+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Auto Dealer
+Price : $24.95
+Language [...]

osCommerce Online Merchant v2.2 Release Candidate 2a XSS/HTML Injection

Tandis CMS SQL Injection Vulnerability

[~] Title : Tandis CMS SQL Injection Vulnerability
[~] Author : Vahshatestan Iranian Hackers
[~] Mail : Vahshatestan@Gmail.com
[~] Site : Www.vahshatestan.iR
[~] Dork : inurl:inurl:index.php?mod=0&cpage=
[~] bl4ckl0rd [...]

BPAutosales – Cars Sales v 2.1 Sql Injection Vulnerability

Name : BPAutosales – Cars Sales Site Sqli Vulnerability
version: 2.1
Critical Level : HIGH
vendor URL : http://www.bpowerhouse.com
Price: $229
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ [...]

Pre Hospital Management System BSql injection/Auth Bypass Vulnerability

Name : Pre Hospital Management System Sqli / Auth Bypass Vulnerability
Critical Level : VERY HIGH
vendor URL : http://www.hostnomi.net
Price: $750
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special [...]

Inout Music version 1.0 Shell upload Vulnerability

Name : Inout Music version 1.0 Shell upload Vulnerability
Critical Level : VERY HIGH
vendor URL : http://www.inoutscripts.com
Price: $197
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : [...]

Inout Article base Ultimate Shell upload Vulnerability

Name : Inout Article base Ultimate Shell upload Vulnerability
Critical Level : VERY HIGH
vendor URL : http://www.inoutscripts.com
Price: $197
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : [...]

Inout Ad server Ultimate Shell upload Vulnerability

Name : Inout Ad server Ultimate Shell upload Vulnerability
Critical Level : VERY HIGH
vendor URL : http://www.inoutscripts.com
Price: $197
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : Sid3^effects,r0073r [...]

TCW PHP Album SQL injection Vulnerability

Name : TCW PHP Album SQL Injection Vulnerability
Critical Level : VERY HIGH
vendor URL : http://www.codango.com/php/fnc/goto/?id=7951410
Price: free
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,Bunny,Nishi,MA1201,RJ,D3aD F0x
greetz [...]

Lyrics V3 engine SQL injection Vulnerability

ReVou MicroBlogging Script Auth Bypass Vulnerability

Name : ReVou MicroBlogging Script Auth Bypass Vulnerability
Date : July 6, 2010
Critical Level : VERY HIGH
vendor URL : http://www.revou.com/demo
Price: free
Author : ..::[ SONiC ]::.. aka ~the_pshyco~ <sonicdefence[at]gmail.com>
special thanks to : [...]

BS Auto Classifieds (info.php) SQL Injection Vulnerability

+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Auto Classifieds
+Price : $24.95
+Language : PHP
+Discovered by Easy Laster 4004-security-project.com
+Security Group Undergroundagents [...]

BS Business Directory (articlesdetails.php) SQL Injection Vulnerability

+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Business Directory
+Price : $24.95
+Language : PHP
+Discovered by Easy Laster 4004-security-project.com
+Security Group Undergroundagents [...]

BS Classifieds Ads (articlesdetails.php) SQL Injection Vulnerability

+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Classifieds Ads
+Price : $24.95
+Language : PHP
+Discovered by Easy Laster 4004-security-project.com
+Security Group Undergroundagents [...]

BS Events Directory (articlesdetails.php) SQL Injection Vulnerability

+Author : Easy Laster
+ICQ : 11-051-551
+Date : 06.07.2010
+Script : BS Events Directory
+Price : $24.95
+Language : PHP
+Discovered by Easy Laster 4004-security-project.com
+Security Group Undergroundagents [...]

Pre Multi-Vendor Shopping Malls SQL Injection/Auth Bypass Vulnerability
