Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• Joomla Component com_joomloc (id) SQL Injection Vulnerability (деталі)
• Model Agency Manager Pro (user_id) SQL Injection Vulnerability (деталі)
• Joomla Component TPDugg 1.1 Blind SQL Injection Exploit (деталі)
• Joomla Component BF Survey Pro Free SQL Injection Exploit (деталі)
• OBOphiX <= 2.7.0 (fonctions_racine.php) Remote File Inclusion Vuln (деталі)
• The Rat CMS Alpha 2 Arbitrary File Upload Vulnerability (деталі)
• Graffiti CMS 1.x Arbitrary File Upload Vulnerability (деталі)
• Nullam Blog 0.1.2 (LFI/FD/SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Advanced Comment System 1.0 Multiple RFI Vulnerabilities (деталі)
• Linksys WRT54GC - Administration Password Change exploit (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Live! 3.3 (deptid) Remote SQL Injection Vulnerability (деталі)
• PHPope <= 1.0.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• FreeSchool <= 1.1.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• Ticket Support Script (ticket.php) Remote Shell Upload Vulnerability (деталі)
• Zeroboard 4.1 pl7 now_connect() Remote Code Execution Exploit (деталі)
• Mambo Component com_zoom (catid) Blind SQL Injection Vulnerability (деталі)
• Joomla Compenent com_joomlub (aid) SQL Injection Vulnerability (деталі)
• Ipswitch WS_FTP 12 Professional Remote Format String PoC (деталі)
• Safari 3.2.3 (Win32) JavaScript (eval) Remote DoS Exploit (деталі)
• Agoko CMS <= 0.4 Remote Command Execution Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_artportal 1.0 (portalid) SQL Injection Vulns (деталі)
• JSFTemplating, Mojarra Scales, GlassFish File Disclosure Vulnerabilities (деталі)
• Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability (деталі)
• Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities (деталі)
• Ve-EDIT 0.1.4 (debug_php.php) Local File Inclusion Vulnerability (деталі)
• phpBB3 addon prime_quick_style GetAdmin Vulnerability (деталі)
• Ve-EDIT 0.1.4 (highlighter) Remote File Inclusion Vulnerability (деталі)
• Discuz! Plugin JiangHu <= 1.1 (id) SQL Injection Vulnerability (деталі)
• DataLife Engine 8.2 dle_config_api Remote File Inclusion Vulnerability (деталі)
• Joomla Component com_gameserver 1.0 (id) SQL Injection Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• SolarWinds TFTP Server <=9.2.0.111 Remote DoS Exploit (деталі)
• Modern Script <= 5.0 (index.php s) SQL Injection Vulnerability (деталі)
• Apple iPhone 2.2.1/3.x (MobileSafari) Crash & Reboot Exploit (loop) (деталі)
• BandCMS 0.10 news.php Multiple SQL Injection Vulnerabilities (деталі)
• Re-Script v.0.99 Beta ( listings.php op ) SQL Injection Vulnerability (деталі)
• Basic PHP Events Lister 2 Reset Admin Pass/Add Admin Vulns (деталі)
• SEO-CMS 1.3 (body.php) Remote File Inclusion Vulnerability (деталі)
• osCommerce Online Merchant 2.2 RC2a Code Execution Exploit (деталі)
• Mybuxscript PTC-BUX (spnews.php) SQL Injection Vulnerability (деталі)
• Joomla Component Agora 3.0.0b (com_agora) LFI Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• allomani 2007 (cat) Remote SQL Injection Vulnerability (деталі)
• PAD Site Scripts 3.6 (list.php string) SQL Injection Vulnerability (деталі)
• Open Auto Classifieds <= 1.5.9 Multiple Remote Vulnerabilities (деталі)
• Discuz! Plugin Crazy Star <= 2.0 (fmid) SQL Injection Vulnerability (деталі)
• TFTPUtil GUI 1.3.0 Remote Denial of Service Exploit (деталі)
• Simple CMS FrameWork <= 1.0 (page) Remote SQL Injection Vuln (деталі)
• Joomla Component com_digifolio 1.52 (id) SQL Injection Vulnerability (деталі)
• Uiga Church Portal (year) Remote SQL Injection Vulnerability (деталі)
• Silurus Classifieds System (category.php) SQL Injection Vulnerability (деталі)
• MailEnable 1.52 HTTP Mail Service Stack BOF Exploit PoC (деталі)

В даній добірці експлоіти в веб додатках:

• New5starRating 1.0 (rating.php) SQL Injection Vulnerability (деталі)
• Netgear WNR2000 FW 1.2.0.8 Information Disclsoure Vulnerabilities (деталі)
• Cerberus FTP 3.0.1 (ALLO) Remote Overflow DoS Exploit (meta) (деталі)
• TCPDB 3.8 Remote Content Change Bypass Vulnerabilities (деталі)
• Turnkey Arcade Script (id) Remote SQL Injection Vulnerability (деталі)
• Joomla Component com_siirler 1.2 (sid) SQL Injection Vulnerability (деталі)
• ProFTP 2.9 (welcome message) Remote Buffer Overflow Exploit (meta) (деталі)
• EMO Breader Manager (video.php movie) SQL Injection Vulnerability (деталі)
• Moa Gallery <= 1.2.0 Multiple Remote File Inclusion Vulnerabilities (деталі)
• phpSANE 0.5.0 (save.php) Remote File Inclusion Vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• Moa Gallery 1.1.0 (gallery_id) Remote SQL Injection Vulnerability (деталі)
• Lanai Core 0.6 Remote File Disclosure / Info Disclosure Vulns (деталі)
• Cuteflow 2.10.3 edituser.php Security Bypass Vulnerability (деталі)
• PHP Dir Submit (aid) Remote SQL Injection Vulnerability (деталі)
• Arcade Trade Script 1.0b (Auth Bypass) Insecure Cookie Handling Vuln (деталі)
• Geeklog <= 1.6.0sr1 Remote Arbitrary File Upload Vulnerability (деталі)
• Joomla Component com_jtips 1.0.x (season) bSQL Injection Vuln (деталі)
• Huawei SmartAX MT880 Multiple XSRF Vulnerabilities (деталі)
• Joomla Component com_ninjamonial 1.x (testimID) SQL injection Vuln (деталі)
• NaviCopa Web Server 3.01 Remote Buffer Overflow Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• ZTE ZXDSL 831 II Modem Arbitrary Configuration Access Vulnerability (деталі)
• Best Dating Script Arbitrary Shell Upload Vulnerability (деталі)
• CBAuthority - ClickBank Affiliate Management SQL Injection Vulnerability (деталі)
• PHP Email Manager (remove.php ID) SQL Injection Vulnerability (деталі)
• Ultimate Fade-in slideshow 1.51 Shell Upload Vulnerability (деталі)
• ProSysInfo TFTP Server TFTPDWIN 0.4.2 Remote BOF Exploit (деталі)
• phpfreeBB 1.0 Remote BLIND SQL Injection Vulnerability (деталі)
• asaher pro 1.0.4 Remote Database Backup Vulnerability (деталі)
• Ed Charkow’s Supercharged Linking Blind SQL Injection Exploit (деталі)
• RunCms v.2M1 /modules/forum/post.php - ‘forum’ remote semi-blind SQL Injection Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Adobe JRun 4 (logfile) Directory Traversal Vulnerability (auth) (деталі)
• Joomla Component MisterEstate Blind SQL Injection Exploit (деталі)
• Infinity <= 2.x.x options[style_dir] Local File Disclosure Vulnerability (деталі)
• E Cms <= 1.0 (index.php s) Remote SQL Injection Vulnerability (деталі)
• Autonomous LAN party <= 0.98.3 Remote File Inclusion Vulnerability (деталі)
• 2WIRE Gateway (Auth Bypass & Password Reset) Vulnerabilities #2 (деталі)
• ZTE ZXDSL 831 II Modem Arbitrary Add Admin User Vulnerability (деталі)
• Safari 4.0.2 (WebKit Parsing of Floating Point Numbers) BOF PoC (деталі)
• Traidnt UP 2.0 Remote SQL Injection Exploit (деталі)
• KDE Konqueror 4.1.3 ‘iframe src’ Memory Leak Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Gazelle CMS 1.0 Remote Arbitrary Shell Upload Vulnerability (деталі)
• THOMSON ST585 (user.ini) Arbitrary Download Vulnerability (деталі)
• MyWeight 1.0 Remote Shell Upload Vulnerability (деталі)
• DS CMS 1.0 (nFileId) Remote SQL Injection Vulnerability (деталі)
• PHP Competition System <= 0.84 (competition) SQL Injection Vuln (деталі)
• Ignition 1.2 (comment) Remote Code Injection Vulnerability (деталі)
• AJ Auction Pro OOPD 2.x (store.php id) SQL Injection Exploit (деталі)
• BaBB 2.8 Remote Code Injection Exploit (деталі)
• PHP-Lance 1.52 Multiple Local File Inclusion Vulnerabilities (деталі)
• KDE Konqueror 4.1.3 ‘link href’ Memory Leak Exploit (деталі)