Exploit the possiblities
Showing 101 - 125 of 4,630 RSS Feed

PHP Files

Alienvault OSSIM/USM 5.3.1 PHP Object Injection
Posted Nov 2, 2016
Authored by Peter Lapp

Alienvault OSSIM/USM versions 5.3.1 and below suffer from a php object injection vulnerability.

tags | exploit, php
advisories | CVE-2016-8580
MD5 | 7a66ece0e3bc3a94254de8614fc0971a
Slackware Security Advisory - php Updates
Posted Nov 1, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
MD5 | 4085332efd2588b982fe398b3b1efd69
InfraPower PPS-02-S Q213V1 Authentication Bypass
Posted Oct 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

InfraPower PPS-02-S Q213V1 suffers from an authentication bypass vulnerability. The device does not properly perform authentication, allowing it to be bypassed through cookie manipulation. The vulnerable function checkLogin() in 'Function.php' checks only if the 'Login' Cookie is empty or not, allowing easy bypass of the user security mechanisms.

tags | exploit, php, bypass
MD5 | 7fb418d4e3f6104e84acc7d747c5bff0
InfraPower PPS-02-S Q213V1 Local File Disclosure
Posted Oct 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

InfraPower PPS-02-S Q213V1 suffers from a file disclosure vulnerability when input passed thru the 'file' parameter to 'ListFile.php' script is not properly verified before being used to read files. This can be exploited to disclose contents of files from local resources.

tags | exploit, local, php
MD5 | 0a98eeb2886891df080bfd8cf5949273
InfraPower PPS-02-S Q213V1 Unauthenticated Remote Root Command Execution
Posted Oct 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

InfraPower PPS-02-S Q213V1 suffers from multiple unauthenticated remote command injection vulnerabilities. The vulnerability exists due to several POST parameters in several scripts not being sanitized when using the exec(), proc_open(), popen() and shell_exec() PHP function while updating the settings on the affected device. This allows the attacker to execute arbitrary system commands as the root user and bypass access controls in place.

tags | exploit, remote, arbitrary, root, php, vulnerability
MD5 | ae2754964c8b89e471b19c617f32b34b
PHP Support Tickets 1.3 SQL Injection
Posted Oct 30, 2016
Authored by N_A

PHP Support Tickets version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | d7dfeff41f95e048cf7203ab3a6af28f
PHP Support Tickets 1.3 Local File Inclusion
Posted Oct 30, 2016
Authored by N_A

PHP Support Tickets version 1.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, php, file inclusion
MD5 | c72382b048b49f629ff7f4c3d9f37efa
Debian Security Advisory 3698-1
Posted Oct 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3698-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
MD5 | fadde7639490be1421c4c3c69fde17d9
Event Calendar PHP 1.5 Cross Site Request Forgery
Posted Oct 21, 2016
Authored by Ehsan Hosseini

Event Calendar PHP version 1.5 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | b91ca9cbb22d6e15045266d8731ce70d
Event Calendar PHP 1.5 SQL Injection
Posted Oct 21, 2016
Authored by Ehsan Hosseini

Event Calendar PHP version 1.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 753ac9cb8885aeb3cdb3c2164298e9bc
WordPress Userpro Remote File Upload
Posted Oct 21, 2016
Authored by T3rm!nat0r5 | Site metasploit.com

This Metasploit module exploits an arbitrary PHP code upload in thewordpress Ifileupload plugin, The vulnerability allows for unauthorization file upload and remote code execution.

tags | exploit, remote, arbitrary, php, code execution, file upload
MD5 | e488687e807e8098cbec133d782598c0
PizzaInn Beta 3 specials-exec.php Shell Upload
Posted Oct 20, 2016
Authored by Nassim Asrir

PizzaInn version Beta 3 suffers from a remote shell upload vulnerability in specials-exec.php.

tags | exploit, remote, shell, php
MD5 | 47beba4494e98a05ef73762e61d83e24
PizzaInn Beta 3 message-exec.php Cross Site Request Forgery
Posted Oct 20, 2016
Authored by Nassim Asrir

PizzaInn version Beta 3 suffers from a cross site request forgery vulnerability in message-exec.php.

tags | exploit, php, csrf
MD5 | 493b90b1637b6b46300078224f78e09a
PizzaInn Beta 3 Cross Site Scripting
Posted Oct 20, 2016
Authored by Nassim Asrir

PizzaInn version Beta 3 suffers from a persistent cross site scripting vulnerability in categories-exec.php.

tags | exploit, php, xss
MD5 | b74ceec50c8c833d3688d0b31d4a6342
PizzaInn Beta 3 categories-exec.php Cross Site Request Forgery
Posted Oct 20, 2016
Authored by Nassim Asrir

PizzaInn version Beta 3 suffers from a cross site request forgery vulnerability in categories-exec.php.

tags | exploit, php, csrf
MD5 | 1b2110c975c672a11e7ba8afe4f2b64f
SPIP 3.1.2 Template Compiler / Composer PHP Code Execution
Posted Oct 20, 2016
Authored by Nicolas Chatelain

SPIP versions 3.1.2 and below suffer from a PHP code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2016-7998
MD5 | 55991565e09ceb72a42ec7723d003821
Advanced Upload (PHP) Script 1.0.2 SQL Injection
Posted Oct 16, 2016
Authored by N_A

Advanced Upload (PHP) Script version 1.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 5799cd16abe1a7220d3e02522cfdc805
Simple Forum PHP 2.4 Cross Site Request Forgery
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | 348a8f2f3d740d821d6525a1e1b06c55
Simple Forum PHP 2.4 SQL Injection
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 0c8f36bfef1f552bf65a54beeed6c4e8
Simple Forum PHP 2.4 Cross Site Scripting
Posted Oct 14, 2016
Authored by Ehsan Hosseini

Simple Forum PHP version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 850c0f31b9ac3a5c355e15cec10233de
Simple Blog PHP 2.0 SQL Injection
Posted Oct 13, 2016
Authored by Ehsan Hosseini

Simple Blog PHP version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | a3d925f22175f89144a96a0235314fec
Simple Blog PHP 2.0 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 13, 2016
Authored by Ehsan Hosseini

Simple Blog PHP version 2.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss, csrf
MD5 | e998b49792a643ae9a5ec03a7f107ae3
PHP Press Release Cross Site Scripting
Posted Oct 9, 2016
Authored by Besim

PHP Press Release suffers from a stored cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 34ee868a3eb66b4d0621d05559415ad4
PHP Press Release Cross Site Request Forgery
Posted Oct 9, 2016
Authored by Besim

PHP Press Release suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | 765e59383685fc28cfcb7be966904013
Simple PHP Blog 0.8.4 Cross Site Scripting
Posted Oct 8, 2016
Authored by indoushka

Simple PHP Blog version 0.8.4 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 006881540d42294d45ea7a17e8199b4d
Page 5 of 186
Back34567Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close