Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• Kolibri+ Webserver 2 (GET Request) Remote SEH Overwrite Exploit (деталі)
• Kolibri+ Webserver 2 Directory Traversal Vulnerability (деталі)
• FtpXQ FTP Server 3.0 Remote Denial of Service Exploit (auth) (деталі)
• Techlogica HTTP Server 1.03 Arbitrary File Disclosure Exploit (деталі)
• Neufbox NB4-R1.5.10-MAIN Persistent XSS Vulnerability (деталі)
• httpdx Web Server 1.4 (Host Header) Remote Format String DoS Exploit (деталі)
• Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion Vulnerability (деталі)
• Bs Counter 2.5.3 (page) Remote SQL Injection Vulnerability (деталі)
• Cerberus FTP Server 3.0.3 Remote Denial of Service Exploit (деталі)
• Apple Safari IPhone (using tel:) Remote Crash Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• MYRE Holiday Rental Manager (action) SQL Injection Vulnerability (деталі)
• Gyro 5.0 (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Image voting 1.0 (index.php show) SQL Injection Vulnerability (деталі)
• Kolibri+ Webserver 2 Remote Source Code Disclosure Vulnerability (деталі)
• Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure #2 (деталі)
• Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln (деталі)
• Joomla Hotel Booking System XSS/SQL Injection Multiple Vulnerabilities (деталі)
• PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability (деталі)
• Siemens Gigaset SE361 WLAN Remote Reboot Exploit (деталі)
• Simple PHP Blog <= 0.5.1 Local File Include Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• WarFTPd 1.82.00-RC12 (LIST command) Format String DoS Exploit (деталі)
• Kolibri+ Webserver 2 (Get Request) Denial of Service Vulnerability (деталі)
• T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities (деталі)
• An image gallery 1.0 (navigation.php) Local Directory Traversal Vuln (деталі)
• Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability (деталі)
• Adult Portal escort listing (user_id) Remote SQL Injection Vulnerability (деталі)
• Bus Script (sitetext_id) Remote SQL Injection Vulnerability (деталі)
• Accommodation Hotel Booking Portal (hotel_id) SQL Injection Vuln (деталі)
• iDesk (download.php cat_id) Remote SQL Injection Vulnerability (деталі)
• OpenSSH CRC compensation attack detection DoS PoC (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_joomloc (id) SQL Injection Vulnerability (деталі)
• Model Agency Manager Pro (user_id) SQL Injection Vulnerability (деталі)
• Joomla Component TPDugg 1.1 Blind SQL Injection Exploit (деталі)
• Joomla Component BF Survey Pro Free SQL Injection Exploit (деталі)
• OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln (деталі)
• The Rat CMS Alpha 2 Arbitrary File Upload Vulnerability (деталі)
• Graffiti CMS 1.x Arbitrary File Upload Vulnerability (деталі)
• Nullam Blog 0.1.2 (LFI/FD/SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Advanced Comment System 1.0 Multiple RFI Vulnerabilities (деталі)
• Linksys WRT54GC - Administration Password Change exploit (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability (деталі)
• PHPope <= 1.0.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• FreeSchool <= 1.1.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability (деталі)
• Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit (деталі)
• Mambo Component com_zoom (catid) Blind SQL Injection Vulnerability (деталі)
• Joomla Compenent com_joomlub (aid) SQL Injection Vulnerability (деталі)
• Ipswitch WS_FTP 12 Professional Remote Format String PoC (деталі)
• Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit (деталі)
• Agoko CMS <= 0.4 Remote Command Execution Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns (деталі)
• JSFTemplating, Mojarra Scales, GlassFish File Disclosure Vulnerabilities (деталі)
• Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability (деталі)
• Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities (деталі)
• Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability (деталі)
• phpBB3 addon prime_quick_style GetAdmin Vulnerability (деталі)
• Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion Vulnerability (деталі)
• Discuz! Plugin JiangHu <= 1.1 (id) SQL Injection Vulnerability (деталі)
• DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability (деталі)
• Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• SolarWinds TFTP Server <=9.2.0.111 Remote DoS Exploit (деталі)
• Modern Script <= 5.0 (index.php s) SQL Injection Vulnerability (деталі)
• Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit (loop) (деталі)
• BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities (деталі)
• Re-Script v.0.99 Beta ( listings.php op ) SQL Injection Vulnerability (деталі)
• Basic PHP Events Lister 2 Reset Admin Pass/Add Admin Vulns (деталі)
• SEO-CMS 1.3 (body.php) Remote File Inclusion Vulnerability (деталі)
• osCommerce Online Merchant 2.2 RC2a Code Execution Exploit (деталі)
• Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability (деталі)
• Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• allomani 2007 (cat) Remote SQL Injection Vulnerability (деталі)
• PAD Site Scripts 3.6 (list.php string) SQL Injection Vulnerability (деталі)
• Open Auto Classifieds <= 1.5.9 Multiple Remote Vulnerabilities (деталі)
• Discuz! Plugin Crazy Star <= 2.0 (fmid) SQL Injection Vulnerability (деталі)
• TFTPUtil GUI 1.3.0 Remote Denial of Service Exploit (деталі)
• Simple CMS FrameWork <= 1.0 (page) Remote SQL Injection Vuln (деталі)
• Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability (деталі)
• Uiga Church Portal (year) Remote SQL Injection Vulnerability (деталі)
• Silurus Classifieds System (category.php) SQL Injection Vulnerability (деталі)
• MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC (деталі)

В даній добірці експлоіти в веб додатках:

• New5starRating 1.0 (rating.php) SQL Injection Vulnerability (деталі)
• Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities (деталі)
• Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta) (деталі)
• TCPDB 3.8 Remote Content Change Bypass Vulnerabilities (деталі)
• Turnkey Arcade Script (id) Remote SQL Injection Vulnerability (деталі)
• Joomla Component com_siirler 1.2 (sid) SQL Injection Vulnerability (деталі)
• ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta) (деталі)
• EMO Breader Manager (video.php movie) SQL Injection Vulnerability (деталі)
• Moa Gallery <= 1.2.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection Vulnerability (деталі)
• Lanai Core 0.6 Remote File Disclosure / Info Disclosure Vulns (деталі)
• Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability (деталі)
• PHP Dir Submit (aid) Remote SQL Injection Vulnerability (деталі)
• Arcade Trade Script 1.0b (Auth Bypass) Insecure Cookie Handling Vuln (деталі)
• Geeklog <= 1.6.0sr1 Remote Arbitrary File Upload Vulnerability (деталі)
• Joomla Component com_jtips 1.0.x (season) bSQL Injection Vuln (деталі)
• Huawei SmartAX MT880 Multiple XSRF Vulnerabilities (деталі)
• Joomla Component com_ninjamonial 1.x (testimID) SQL injection Vuln (деталі)
• NaviCopa Web Server 3.01 Remote Buffer Overflow Exploit (деталі)