exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an open redirection vulnerability due to giving implied trust to the HTTP Referer header.

tags | exploit, web
SHA-256 | 0bae89972bb325d03e3e953fa608c002315df2ecd8d8f8c85d95edac75c9d692

Related Files

AdaptCMS 3.0 Cross Site Scripting
Posted May 7, 2015
Authored by Provensec

AdaptCMS version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 71bae6992093d7256402d6bb35991c1169834d1e7e27df9ae1979cad08ac0d65
AdaptCMS 3.0.3 Remote Command Execution
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in '\app\webroot\uploads' directory.

tags | exploit, arbitrary, php
SHA-256 | 5b566183baf344d655c35712b81e46cf526107609f4fd7b1bd1927b963915827
AdaptCMS 3.0.3 Cross Site Scripting
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6f9af3f51b4bdd59ee2d675c919d9ac43718212e55595b6445dfc42030c32c48
AdaptCMS 3.0.1 Cross Site Scripting
Posted Oct 11, 2013
Authored by syst3m_f4ult

AdaptCMS version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4f69e17362e1d3e3727d1e8458a9b8c39609e4b39a547dacffe89ebb93f75936
Secunia Security Advisory 52058
Posted Feb 5, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in AdaptCMS, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | cfe99d89e7026e32f6242b294aac518f95da5cead98c53040f850299523e5618
AdaptCMS 2.0.4 SQL Injection
Posted Feb 2, 2013
Authored by kallimero

AdaptCMS versions 2.0.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 10b28440296e69c4db952b068665c6894e07ffc6857babc5166dc7fe083cde72
AdaptCMS 2.0.2 Cross Site Scripting
Posted Jun 19, 2012
Authored by indoushka

AdaptCMS version 2.0.2 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 97186847792218b50bd50c087ed631bbd8f1b4936aac301043dad7bf2fffd224
AdaptCMS 2.0.2 (TinyURL) SQL Injection
Posted Jun 3, 2012
Authored by KedAns-Dz

AdaptCMS version 2.0.2 (TinyURL) suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ecc9c9dc887b3df0475b0f5e46b2f86ca3d6efa6d62a9d722afa1e8502476d61
AdaptCMS 2.x SQL Injection
Posted Nov 23, 2011
Authored by X-Cisadane

AdaptCMS version 2.x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a80a3f2b5f67af7ca7383534b2562153352f1b57aa21ce4967d98558dda791bd
Secunia Security Advisory 46180
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefan Schurtz has discovered multiple vulnerabilities in AdaptCMS. These can be exploited by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 26531b1ee81a4e21a8c79dabf65d713fc5cf1c8d1e508ad47a3aee4ee5874b67
AdaptCMS 2.0.1 Cross Site Scripting / Bypass
Posted Sep 26, 2011
Authored by Stefan Schurtz

AdaptCMS version 2.0.1 suffers from cross site scripting, information disclosure, and authentication bypass vulnerability.

tags | exploit, xss, bypass, info disclosure
SHA-256 | 590b7718119cef4f5699e5608269f589d7d8c1bf22f040468240a2227b4dacf8
ATutor 2.0.2 Cross Site Scripting / SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor version 2.0.2 suffers from cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 156e8ca29442c39dd68f426ab627536ea459ec2f62caf6d738900896523fcea0
ATutor AChecker 1.2 Cross Site Scripting / Path Disclosure
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AChecker version 1.2 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f051fdf159320c7c589e285d8b88bea2bf95dbf5dda51944394344650d558b95
ATutor AChecker 1.2 SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AChecker version 1.2 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 69d0f7a89f886464429de2e220cc5aeecc1f9b05cd0e22b446911e96c541b9f1
ATutor AContent 1.1 Script Insertion
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | a6be43d63054eb477eddea9f0ec640843c438d24439cee3724859cfa283bb118
ATutor AContent 1.1 / 1.3 Cross Site Scripting
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from multiple cross site scripting vulnerabilities. This also affects version 1.3 as of 2014/01/05.

tags | exploit, vulnerability, xss
SHA-256 | 11f71a7a8fc1b6198d0accd72f3c4a62c57ad812171943bba7e230803cb30eff
ATutor AContent 1.1 SQL Injection
Posted Aug 6, 2011
Authored by LiquidWorm | Site zeroscience.mk

ATutor AContent version 1.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f56291915b34b94f96cf88882cc5c3ad29f32c7cd6bb2be6f841ce2ae4b2f103
Digital Scribe 1.5 Cross Site Scripting
Posted Jul 31, 2011
Authored by LiquidWorm | Site zeroscience.mk

Digital Scribe version 1.5 suffers from multiple post cross site scripting vulnerabilities. Input thru the POST parameters 'title', 'last' and 'email' in register.php is not sanitized allowing the attacker to execute HTML code into user's browser session on the affected site.

tags | exploit, php, vulnerability, xss
SHA-256 | b4e758e765d3c3f1dd3bae0aeac26f05237bd21334ea75852e11273d369ff975
Online Grades Project Team 3.2.5 Cross Site Scripting
Posted Jul 25, 2011
Authored by LiquidWorm | Site zeroscience.mk

Online Grades version 3.2.5 suffers from multiple cross site scripting vulnerabilities. The issue is triggered when input passed via multiple parameters to the 'admin/admin.php' script is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

tags | exploit, arbitrary, php, vulnerability, xss
SHA-256 | 97dac1462d3751baa282b6d6356f3f5c1af9936b2fe7fc9e1f21af38da27da98
PG eLMS Pro DEC_2007_01 Blind SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f33c1f60fe48012757d4de9d5b369cbdd1b4511201f7d9fa55519f099d092a34
PG eLMS Pro DEC_2007_01 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

PG eLMS Pro version DEC_2007_01 suffers from multiple POST cross site scripting vulnerabilities in contact_us.php.

tags | exploit, php, vulnerability, xss
SHA-256 | 3cb7f482a30aa8222e39a62050d674c0b4201c4a9b953dc76fb7e986a91915bf
TCExam 11.2.011 SQL Injection
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 914e1468f043c743fbcb3539d34a062ed28fec35ba1be0ed6dab33cd0deb9e05
TCExam 11.2.011 Cross Site Scripting
Posted Jul 14, 2011
Authored by LiquidWorm | Site zeroscience.mk

TCExam versions 11.2.011 and below suffer from multiple pre and post auth cross site scripting vulnerabilities when parsing user input to multiple parameters via GET and POST method in multiple scripts. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
SHA-256 | 124989b21ffded644a3bd7fb5253e0bf4a9f3a0f8cf17bb80608ab44fd14748f
Tugux CMS 1.2 Remote Arbitrary File Deletion
Posted Jul 11, 2011
Authored by LiquidWorm | Site zeroscience.mk

Tugux CMS version 1.2 remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | b322ce3279d241071e6638005f0f9486916adab50fcebbdaf25046904c8aa330
ESTsoft ALPlayer 2.0 ASX Playlist File Handling Buffer Overflow
Posted Jul 7, 2011
Authored by LiquidWorm | Site zeroscience.mk

ESTsoft ALPlayer version 2.0 suffers from a buffer overflow vulnerability. It is caused due to a boundary error in the processing of a playlist file, which can be exploited to cause a stack-based buffer overflow when a user opens e.g. a specially crafted .asx file. Successful exploitation may allow execution of arbitrary code.

tags | exploit, overflow, arbitrary
systems | linux
SHA-256 | 5a582f57cd6e6df287f9f89eb693be5d651a9317c7ec5a7a9f97332fdc138cd4
Page 1 of 4
Back1234Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close