what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 50 of 55

Files from AmnPardaz Security Research Team

translucid-upload.txt

Posted Sep 3, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

TransLucid version 1.75 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload

SHA-256 | e9567ac9823ceb39cd82126aa0d63fa304be53841ead193c02397f434d6617e3

Download | Favorite | View

igescms-multi.txt

Posted Aug 5, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

IGES CMS versions 2.0 and below suffer cross site scripting and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 60adf6a24b2bdacd6541ef666dd5f09b68257b211d8f141c12199818ccc879c3

Download | Favorite | View

myblog-multi.txt

Posted Jul 21, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

MyBlog versions 0.9.8 and below suffer from information leak and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | e7a0a431015c916f9b1a2d5f52fd1d2c70b9332ecbc42e21014a8b782e0bb47e

Download | Favorite | View

pluck-lfi.txt

Posted Jul 15, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Pluck version 4.5.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion

SHA-256 | 97359dbd07b27df4394cfd514c94a283ac92098fcbf90ff15c5c3cfc0e028c60

Download | Favorite | View

glshdeaf-multi.txt

Posted Jun 20, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

GL-SH Deaf Forum versions 6.5.5 and below suffer from local file inclusion, cross site scripting, and upload vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion

SHA-256 | ebe09075b7348be97113052f9b0888b053a0f94d156ccf5ebcfa6fbe9855baa2

Download | Favorite | View

virtualsupport-multi.txt

Posted Jun 20, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Virtual Support Office-XP versions 3.0.29 and below suffer from session management, SQL injection, cross site scripting, and authentication vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 93b343caab0ecc35adc6352a1ada251d3995ee13022c16042bdbd378944667d2

Download | Favorite | View

elinestudio-sqlxss.txt

Posted Jun 19, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

eLineStudio Site Composer (ESC) versions 2.6 and below suffer from SQL injection, cross site scripting, and information leakage vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 1a92e11ff7286dd9c1b83bede19c61fd5b42711d54d9dfff5639f1a51c8a97ec

Download | Favorite | View

academic-sqlxss.txt

Posted Jun 19, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Academic Web Tools CMS versions 1.4.2.8 and below suffer from directory traversal, SQL injection, and cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss, sql injection

SHA-256 | 6bb80a0be30de3680020fc3040e0bd35081f88b007d95287198e71c7b4f21e89

Download | Favorite | View

doitlivecms-sqlxss.txt

Posted Jun 18, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

doITlive CMS versions 2.50 and below suffer from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | b2a0fd51e4e3a41ec5c245c99261f2397bd10a0e4639d85ee2ea0762baa8000c

Download | Favorite | View

pooya-sql.txt

Posted Jun 12, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Pooya Site Builder (PSB) version 6.0 suffers from multiple SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection

SHA-256 | d1ad5ace918c57e4b7043a0340128448918e8f386197d1f9a6ad11939755be8a

Download | Favorite | View

absolute-screwups.txt

Posted Jun 11, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Products from Xigla, such as Absolute Live Support XE, Absolute News Manager XE, Absolute Banner Manager XE, Absolute Form Processor XE, Absolute Image Gallery XE, Absolute Poll Manager XE, and Absolute Control Panel XE all suffer from cross site scripting and/or SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | b097b8dc49b923f478afb2ab38d9012e47c350bf2a68d830775e86f79407e4cd

Download | Favorite | View

realmcms-multi.txt

Posted Jun 9, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Realm CMS versions 2.3 and below suffer from session management, cross site scripting, and SQL injection vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 09310fcdab074a65528ee038f16e846671af23989c2db23dc05d9a35159083b3

Download | Favorite | View

quicksite-multi.txt

Posted Jun 4, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

QuickerSite version 1.8.5 suffers from various site manipulation flaws as well as cross site scripting and SQL injection vulnerabilities. This thing is riddled with holes.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 58acc7a4491e9f4405f467c26a046525f3d490c89855383f84152e5ed95324dd

Download | Favorite | View

dotnetnuke-xss.txt

Posted May 30, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Dot Net Nuke versions 4.8.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 86cd5f32cd7cd1c3674ce7d617eff9c9047049a44b5d05f092d43848ff71e81a

Download | Favorite | View

megabbs-multi.txt

Posted Apr 28, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

MegaBBS Forum version 2.2 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 79eeae701d5f9803bf5c9794d8af68df423590af24a4274456d51df28e9dfa57

Download | Favorite | View

acidcat-multi.txt

Posted Apr 21, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Acidcat CMS version 3.4.1 suffers from multiple vulnerabilities including SQL injection, arbitrary upload, and cross site scripting flaws.

tags | exploit, arbitrary, vulnerability, xss, sql injection

SHA-256 | 70cc4c780fa6f9637e4830c96b6152f324e0bc1ce4da670a4128dc20933d34a9

Download | Favorite | View

carboncom-multi.txt

Posted Apr 16, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Carbon Communities Forum versions 2.4 and below suffer from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | ec8b6da167cb0ac04f04778c691d037a9cd993aa0d5833d3b0c4f5594180c62e

Download | Favorite | View

cpcommerce-xsslfi.txt

Posted Apr 14, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

cpCommerce version 1.1.0 suffers from cross site scripting, SQL injection, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, sql injection, file inclusion

SHA-256 | ceebe4dddeda0754bbe4c5cdc896985269fbc43017245a50b25f1c16efe81316

Download | Favorite | View

mambo-xssxsrf.txt

Posted Jan 28, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Mambo version 4.6.3 suffers from path disclosure, cross site scripting, cross site request forgery, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf

SHA-256 | 11fd34395ce14c48e3d329b487a2ffb8e5f8d0ce02bab9147296b7bf6926edd3

Download | Favorite | View

candypress-multi.txt

Posted Jan 26, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

CandyPress eCommerce Suite version 4.1.1.26 suffers from multiple vulnerabilities including SQL injection and cross site scripting.

tags | exploit, vulnerability, xss, sql injection

SHA-256 | 6dea4b9ea36e243e8e32cd02a9ba55d515cf86faf74b42b2271eab1726f8e075

Download | Favorite | View

wwrte-traverse.txt

Posted Jan 24, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Web Wiz Rich Text Editor version 4.0 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion

SHA-256 | 05d91ffd39567b27eddb46e07f2d489261c6d5e6575ed85f4d8799afd486885e

Download | Favorite | View

wwn-traverse.txt

Posted Jan 24, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Web Wiz NewsPad version 1.02 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion

SHA-256 | 0081a226138d639213391108aa7027b5069ecc4705fbffc07738b7c5a38bbd51

Download | Favorite | View

wwf-traverse.txt

Posted Jan 24, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Web Wiz Forums version 9.07 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion

SHA-256 | cde46cc496ac4ad5dac5e1978785370ef4fa729d9de4a7cdae9be6700db350cd

Download | Favorite | View

bloofox-multi.txt

Posted Jan 22, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

Bloofox version 0.3 suffers from SQL injection and local file disclosure vulnerabilities.

tags | exploit, local, vulnerability, sql injection

SHA-256 | 4f41aad6f62ca42e8b06f78ff9876b8af115e1dc3f6666ca95df4fb453b27990

Download | Favorite | View

onecms-sql.txt

Posted Jan 7, 2008

Authored by AmnPardaz Security Research Team | Site bugreport.ir

OneCMS version 2.4 suffers from remote SQL injection and upload vulnerabilities.

tags | exploit, remote, vulnerability, sql injection

SHA-256 | 9f14cb0e7fd5be4e114aef1861e9319c5b608f89058c56dfe57dce63d8cc8526

Download | Favorite | View