Email address | private |
---|---|
First Active | 2008-08-04 |
Last Active | 2014-04-28 |
TRENDnet TEW-634GRU version 1.00.23 suffers from local file disclosure, router crash, and privilege escalation vulnerabilities.
38342dcf82a4e158add2c032f5e76a186438778accbb57fe5bb4c316489090c3
Whitepaper called How to find RCE in scripts. This write up provides various examples and discusses remote command execution methods used against poorly written PHP code.
2f2fde57f7982151153355aa3ee97d4515c9dd2fff3b9dada9ae0554cc3a4ea6
Whitepaper called Finding Vulnerabilities in PHP Scripts. This write up comes filled with a large amount of useful examples and even provides fix information.
b66897db584121d2691f15a502d48781c34e1c4bea1a3fe041b00097b17c8307
Spider Solitaire local crash proof of concept exploit for Windows XP SP2.
39456be0748817e71f86b0bfe87df870a909b478cf76b80d9b9afc5f2a7098e8
This whitepaper discusses getting a shell via local file inclusion using the proc/self/environ method.
f44a0909a494a885dd582da411b77ae0a025e7893da8bff98c4c86167b3fbfa5
OpenNews version 1.0 suffers from SQL injection and command execution vulnerabilities.
69928830aa3899fc302a0071d63fd2b94c20bc604a0fd1bb2b1f14fb8feae246
Tenrok 1.1.0 suffers from user data disclosure and code execution vulnerabilities.
7e51a157e94d6439e5157995b13c053167b195c5361965acd7e9d32fc3374352
MyBackup version 1.4.0 suffers from arbitrary file download and remote file inclusion vulnerabilities.
a55e9a42de148023310b7ea1c51605989da24b351e36e6a375ec56b4fe578176
MOC Designs PHP News version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
ee203fe594f8184231861089b147b22f917e8f66ed4fd3f25ac7f5ef936f7137
QuickDev 4 Php suffers from an arbitrary file download vulnerability.
e789782ebde2ff8de115a8e35fb39d582a33e228745a0685ea482d4c087ed87d
TT Web Site Manager version 0.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
396ff35c3acfd88874ef434e487e3ad9bc2447c1ff697e13e0c6604e3bd936b2
SimpleLoginSys version 0.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
51b141b6de906f4d9df91e6aecc0541439074c1818acbbd374bf0c5e760f245b
simplePHPWeb version 0.2 suffers from an authentication bypass vulnerability.
95d63a144350cb30e8bddb18d7221533dce764dbf873ec4b5bcb6588f65acc30
NetpetCMS version 1.9 suffers from a local file inclusion vulnerability in confirm.php.
1bf6c25676c03f0096da3c9285d604968114c14f8e7fe2750a0b057f1838ef2a
aa33code version 0.0.1 suffers from local file inclusion, authentication bypass, and database disclosure vulnerabilities.
75cd5557576132d188e5f6ee9fd55c5b2ef11d485fd94e84b4577a8094780956
PortalXP Teacher Edition version 1.2 suffers from multiple remote SQL injection vulnerabilities.
24efd0c4ad711570ef7c7ea9c0a65e35d607b6ded6d6b9ce4e1f4b25dd7043e3
justVisual version 1.2 suffers from remote file inclusion vulnerabilities.
4d6dfa52bef23dd0e53f3651a88582224795a80d1f2bf624d5641d14f7592a2c
Orbis CMS version 1.0 suffers from shell upload, arbitrary file manipulation, and SQL injection vulnerabilities.
0cb2d663a28c552bb8da632a55f3f0dd9c6293923f0834cc3b844cbf79c144b6
dit.cms version 1.3 suffers from local file inclusion vulnerabilities.
18aeb8a97b3ad31bcc942057b6cff31ab105786046255d1227f97a5ecf65c787
CMSphp version 0.21 suffers from local file inclusion and cross site scripting vulnerabilities.
552966ff3ce0aa95239b5a451a5fedede10afff1f94263b5bd50f17be95e8fef
d.net CMS suffers from local file inclusion and SQL injection vulnerabilities.
c853e79021893da59d1ead78cf217a2250b13d35e4a712f6e4b2508ecd695f69
Really Simple CMS version 0.3a suffers from a local file inclusion vulnerability.
31391c79b2884566fa7878620e165c8c61d3b93ffe8f0f1dd809cdf4fc031cdf
MUJE CMS version 1.0.4.34 suffers from local file inclusion vulnerabilities.
c0d45a2fdef1349be6360333b3ed8a3aeccba69c3ae99a448956cf60aeb5cb93
PaoLiber version 1.1 suffers from an authentication bypass vulnerability.
3e75ad6cf1570cfe4de68444472d9da08ee883e7b42ed874fc8e29ad75faaff8
PaoBacheca Guestbook version 2.1 suffers from an authentication bypass vulnerability.
0a63ae742abf026093faa45bcd32838b2d59e7876baef5dab44a1991b601cfd7