Information Security News and Exploits

Providing you with Security News and Exploits from all over the web.

Entries for October, 2010

[webapps / 0day] – Zomplog 3.9 Multiple XSS & XSRF Vulnerabilities

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Zomplog 3.9 Multiple XSS &amp; XSRF Vulnerabilities | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Zomplog 3.9 Multiple XSS &amp; XSRF Vulnerabilities by High-Tech Bridge . in webapps / 0day | Inj3ct0r – exploit database : [...]

Leave a Comment

[webapps / 0day] – RoSPORA <= 1.5.0 Remote PHP Code Injection

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>RoSPORA &lt;= 1.5.0 Remote PHP Code Injection | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’RoSPORA &lt;= 1.5.0 Remote PHP Code Injection by EgiX in webapps / 0day | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – TFTgallery <= 0.13.1 Local File Inclusion Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>TFTgallery &lt;= 0.13.1 Local File Inclusion Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’TFTgallery &lt;= 0.13.1 Local File Inclusion Vulnerability by Lance M. Havok in webapps / 0day | Inj3ct0r – exploit database : [...]

Leave a Comment

[webapps / 0day] – PHPKit <= 1.6.1 R2 overview.php SQL Injection Exploit

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>PHPKit &lt;= 1.6.1 R2 overview.php SQL Injection Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’PHPKit &lt;= 1.6.1 R2 overview.php SQL Injection Exploit by Easy Laster in webapps / 0day | Inj3ct0r – exploit database [...]

Leave a Comment

[webapps / 0day] – mygamingladder MGL Combo System <= 7.5 game.php SQL injection Exploit

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>mygamingladder MGL Combo System &lt;= 7.5 game.php SQL injection Exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’mygamingladder MGL Combo System &lt;= 7.5 game.php SQL injection Exploit by Easy Laster in webapps / 0day | [...]

Leave a Comment

[webapps / 0day] – Zoopeer 0.1 & 0.2 (fckeditor) Shell Upload Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Zoopeer 0.1 &amp; 0.2 (fckeditor) Shell Upload Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Zoopeer 0.1 &amp; 0.2 (fckeditor) Shell Upload Vulnerability by Net.Edit0r in webapps / 0day | Inj3ct0r – exploit database : [...]

Leave a Comment

[webapps / 0day] – Simpli Easy (AFC Simple) Newsletter <= 4.2 XSS/Information Leakage

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Simpli Easy (AFC Simple) Newsletter &lt;= 4.2 XSS/Information Leakage | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Simpli Easy (AFC Simple) Newsletter &lt;= 4.2 XSS/Information Leakage by p0deje in webapps / 0day | Inj3ct0r – exploit [...]

Leave a Comment

[webapps / 0day] – Dolphin 7.0.3 <= (poll) Modules LFI Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Dolphin 7.0.3 &lt;= (poll) Modules LFI Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Dolphin 7.0.3 &lt;= (poll) Modules LFI Vulnerability by KnocKout in webapps / 0day | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – Dolphin 7.0.3 <= (6) Modules LFI Vulnerabilities

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Dolphin 7.0.3 &lt;= (6) Modules LFI Vulnerabilities | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Dolphin 7.0.3 &lt;= (6) Modules LFI Vulnerabilities by KnocKout in webapps / 0day | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – bloofoxCMS 0.3.5 Remot upload exploit

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>bloofoxCMS 0.3.5 Remot upload exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’bloofoxCMS 0.3.5 Remot upload exploit by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link [...]

Leave a Comment

[remote exploits] – Home FTP Server v1.11.1.149 RETR DELE RMD Remote Directory Traversal

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Home FTP Server v1.11.1.149 RETR DELE RMD Remote Directory Traversal | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Home FTP Server v1.11.1.149 RETR DELE RMD Remote Directory Traversal by Pr0T3cT10n in remote exploits | Inj3ct0r – [...]

Leave a Comment

[remote exploits] – SmallFTPD v1.0.3 Remote Directory Traversal Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>SmallFTPD v1.0.3 Remote Directory Traversal Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’SmallFTPD v1.0.3 Remote Directory Traversal Vulnerability by Pr0T3cT10n in remote exploits | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ [...]

Leave a Comment

[dos / poc] – yPlay v2.4.5 Denial of Service Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>yPlay v2.4.5 Denial of Service Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’yPlay v2.4.5 Denial of Service Vulnerability by MOHAMED ABDI in dos / poc | Inj3ct0r – exploit database : vulnerability : 0day [...]

Leave a Comment

[webapps / 0day] – Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Joovili 3.1.8 CRLF injection/HTTP response splitting Vulnerability by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : [...]

Leave a Comment

[webapps / 0day] – Joovili 3.1.8 SQL injection Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Joovili 3.1.8 SQL injection Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Joovili 3.1.8 SQL injection Vulnerability by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link [...]

Leave a Comment

[webapps / 0day] – MediaCore 0.8.2 backup restore 0-day exploit

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>MediaCore 0.8.2 backup restore 0-day exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’MediaCore 0.8.2 backup restore 0-day exploit by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : [...]

Leave a Comment

[webapps / 0day] – Mobile Chat v2.0.2 by Pass Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>Mobile Chat v2.0.2 by Pass Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’Mobile Chat v2.0.2 by Pass Vulnerability by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : [...]

Leave a Comment

[webapps / 0day] – OSBanditi SQL injection Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>OSBanditi SQL injection Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’OSBanditi SQL injection Vulnerability by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link rel=’shortcut icon’ [...]

Leave a Comment

[webapps / 0day] – zomplog3.9 Remot upload exploit

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>zomplog3.9 Remot upload exploit | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’zomplog3.9 Remot upload exploit by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link rel=’shortcut icon’ [...]

Leave a Comment

[webapps / 0day] – zomplog3.9 SQL injection Vulnerability

Oct.31, 2010 in Exploits

<!DOCTYPE html PUBLIC ‘-//W3C//DTD XHTML 1.0 Strict//EN’ ‘http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd’><html xmlns=’http://www.w3.org/1999/xhtml’><head><meta http-equiv=’Content-Type’ content=’text/html; charset=utf-8′ /><meta http-equiv=’Content-Language’ content=’en’ /><title>zomplog3.9 SQL injection Vulnerability | Inj3ct0r – exploit database : vulnerability : 0day : shellcode</title><meta name=’description’ content=’zomplog3.9 SQL injection Vulnerability by indoushka in webapps / 0day | Inj3ct0r – exploit database : vulnerability : 0day : shellcode’ /><link rel=’shortcut icon’ [...]

Leave a Comment