Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• Saphplesson 4.3 Remote Blind SQL Injection Exploit (деталі)
• MicroCMS 3.5 (SQL/LFI) Multiple Remote Vulnerabilities (деталі)
• Joomla Component com_jlord_rss (id) Blind SQL Injection Exploit (деталі)
• Joomla com_foobla_suggestions (idea_id) SQL Injection Vulnerability (деталі)
• AdsDX 3.05 (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
• NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability (деталі)
• phpPollScript <= 1.3 (include_class) Remote File Inclusion Vulnerability (деталі)
• Elite Gaming Ladders 3.2 (platform) SQL Injection Vulnerability (деталі)
• Joomla Component com_album 1.14 Directory Traversal Vulnerability (деталі)
• ProFTPd with mod_mysql Authentication Bypass Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Pro Bid Remote Blind SQL Injection Exploit (деталі)
• BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) 0day (деталі)
• BRS Webweaver 1.33 /Scripts Access Restriction Bypass Vulnerability (деталі)
• HotWeb Rentals (details.asp PropId) Blind SQL Injection Vuln (деталі)
• Three Pillars Help Desk v3 (Auth Bypass) SQL Injection Vulnerability (деталі)
• iBoutique.MALL 1.2 (cat) Remote Blind SQL Injection Vulnerability (деталі)
• BigAnt Server 2.50 GET Request Remote BOF Exploit (SEH) Universal (деталі)
• NetAccess IP3 (ping option) Command Injection Vulnerability (auth) (деталі)
• Joomla Component com_djcatalog SQL/bSQL Injection Vulnerabilities (деталі)
• CVE-2009-1979 PoC. Working at least on Oracle 10.2.0.4 win32 (деталі)

В даній добірці експлоіти в веб додатках:

• Kolibri+ Webserver 2 (GET Request) Remote SEH Overwrite Exploit (деталі)
• Kolibri+ Webserver 2 Directory Traversal Vulnerability (деталі)
• FtpXQ FTP Server 3.0 Remote Denial of Service Exploit (auth) (деталі)
• Techlogica HTTP Server 1.03 Arbitrary File Disclosure Exploit (деталі)
• Neufbox NB4-R1.5.10-MAIN Persistent XSS Vulnerability (деталі)
• httpdx Web Server 1.4 (Host Header) Remote Format String DoS Exploit (деталі)
• Aurora CMS 1.0.2 (install.plugin.php) Remote File Inclusion Vulnerability (деталі)
• Bs Counter 2.5.3 (page) Remote SQL Injection Vulnerability (деталі)
• Cerberus FTP Server 3.0.3 Remote Denial of Service Exploit (деталі)
• Apple Safari IPhone (using tel:) Remote Crash Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• MYRE Holiday Rental Manager (action) SQL Injection Vulnerability (деталі)
• Gyro 5.0 (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Image voting 1.0 (index.php show) SQL Injection Vulnerability (деталі)
• Kolibri+ Webserver 2 Remote Source Code Disclosure Vulnerability (деталі)
• Kolibri+ Web Server 2 Remote Arbitrary Source Code Disclosure #2 (деталі)
• Xerver HTTP Server 4.32 Arbitrary Source Code Disclosure Vuln (деталі)
• Joomla Hotel Booking System XSS/SQL Injection Multiple Vulnerabilities (деталі)
• PHP-IPNMonitor (maincat_id) Remote SQL Injection Vulnerability (деталі)
• Siemens Gigaset SE361 WLAN Remote Reboot Exploit (деталі)
• Simple PHP Blog <= 0.5.1 Local File Include Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• WarFTPd 1.82.00-RC12 (LIST command) Format String DoS Exploit (деталі)
• Kolibri+ Webserver 2 (Get Request) Denial of Service Vulnerability (деталі)
• T-HTB Manager 0.5 Multiple Blind SQL Injection Vulnerabilities (деталі)
• An image gallery 1.0 (navigation.php) Local Directory Traversal Vuln (деталі)
• Drunken:Golem Gaming Portal (admin_news_bot.php) RFI Vulnerability (деталі)
• Adult Portal escort listing (user_id) Remote SQL Injection Vulnerability (деталі)
• Bus Script (sitetext_id) Remote SQL Injection Vulnerability (деталі)
• Accommodation Hotel Booking Portal (hotel_id) SQL Injection Vuln (деталі)
• iDesk (download.php cat_id) Remote SQL Injection Vulnerability (деталі)
• OpenSSH CRC compensation attack detection DoS PoC (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_joomloc (id) SQL Injection Vulnerability (деталі)
• Model Agency Manager Pro (user_id) SQL Injection Vulnerability (деталі)
• Joomla Component TPDugg 1.1 Blind SQL Injection Exploit (деталі)
• Joomla Component BF Survey Pro Free SQL Injection Exploit (деталі)
• OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln (деталі)
• The Rat CMS Alpha 2 Arbitrary File Upload Vulnerability (деталі)
• Graffiti CMS 1.x Arbitrary File Upload Vulnerability (деталі)
• Nullam Blog 0.1.2 (LFI/FD/SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Advanced Comment System 1.0 Multiple RFI Vulnerabilities (деталі)
• Linksys WRT54GC - Administration Password Change exploit (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability (деталі)
• PHPope <= 1.0.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• FreeSchool <= 1.1.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability (деталі)
• Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit (деталі)
• Mambo Component com_zoom (catid) Blind SQL Injection Vulnerability (деталі)
• Joomla Compenent com_joomlub (aid) SQL Injection Vulnerability (деталі)
• Ipswitch WS_FTP 12 Professional Remote Format String PoC (деталі)
• Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit (деталі)
• Agoko CMS <= 0.4 Remote Command Execution Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns (деталі)
• JSFTemplating, Mojarra Scales, GlassFish File Disclosure Vulnerabilities (деталі)
• Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability (деталі)
• Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities (деталі)
• Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability (деталі)
• phpBB3 addon prime_quick_style GetAdmin Vulnerability (деталі)
• Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion Vulnerability (деталі)
• Discuz! Plugin JiangHu <= 1.1 (id) SQL Injection Vulnerability (деталі)
• DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability (деталі)
• Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• SolarWinds TFTP Server <=9.2.0.111 Remote DoS Exploit (деталі)
• Modern Script <= 5.0 (index.php s) SQL Injection Vulnerability (деталі)
• Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit (loop) (деталі)
• BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities (деталі)
• Re-Script v.0.99 Beta ( listings.php op ) SQL Injection Vulnerability (деталі)
• Basic PHP Events Lister 2 Reset Admin Pass/Add Admin Vulns (деталі)
• SEO-CMS 1.3 (body.php) Remote File Inclusion Vulnerability (деталі)
• osCommerce Online Merchant 2.2 RC2a Code Execution Exploit (деталі)
• Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability (деталі)
• Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• allomani 2007 (cat) Remote SQL Injection Vulnerability (деталі)
• PAD Site Scripts 3.6 (list.php string) SQL Injection Vulnerability (деталі)
• Open Auto Classifieds <= 1.5.9 Multiple Remote Vulnerabilities (деталі)
• Discuz! Plugin Crazy Star <= 2.0 (fmid) SQL Injection Vulnerability (деталі)
• TFTPUtil GUI 1.3.0 Remote Denial of Service Exploit (деталі)
• Simple CMS FrameWork <= 1.0 (page) Remote SQL Injection Vuln (деталі)
• Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability (деталі)
• Uiga Church Portal (year) Remote SQL Injection Vulnerability (деталі)
• Silurus Classifieds System (category.php) SQL Injection Vulnerability (деталі)
• MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC (деталі)