Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• OCS Inventory NG 1.2.1 (systemid) SQL Injection Vulnerability (деталі)
• Joomla Component idoblog 1.1b30 (com_idoblog) SQL Injection Vuln (деталі)
• 2WIRE Gateway Authentication Bypass & Password Reset Vulnerabilities (деталі)
• Gallarific 1.1 (gallery.php) Arbitrary Delete/Edit Category Vuln (деталі)
• Shorty 0.7.1b (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
• Gazelle CMS 1.0 Multiple Vulnerabilities / RCE Exploit (деталі)
• Plume CMS 1.2.3 Multiple SQL Injection Vulnerabilities (деталі)
• JBLOG 1.5.1 Remote SQL Table Backup Exploit (деталі)
• EmbedThis Appweb v3.0B.2-4 Multiple Remote Buffer Overflow PoC (деталі)
• TGS CMS 0.x (XSS/SQL/FD) Multiple Remote Vulnerabilities (деталі)

В даній добірці експлоіти в веб додатках:

• Facil Helpdesk (RFI/LFI/XSS) Multiples Remote Vulnerabilities (деталі)
• PHPCityPortal (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
• Arab Portal 2.2 (Auth Bypass) Blind SQL Injection Exploit (деталі)
• SmilieScript <= 1.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
• Joomla Component Kunena Forums (com_kunena) bSQL Injection Exploit (деталі)
• CMS Made Simple <= 1.6.2 Local File Disclosure Vulnerability (деталі)
• Mini-CMS 1.0.1 (page.php id) SQL Injection Vulnerability (деталі)
• Papoo CMS 3.7.3 Authenticated Arbitrary Code Execution Vulnerability (деталі)
• Embedthis Appweb 3.0b.2-4 Remote Buffer Overflow PoC (деталі)
• Neostrada Livebox Remote Network Down Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Banner Exchange Script 1.0 (targetid) Blind SQL Injection Vuln (деталі)
• PHotoLa Gallery <= 1.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
• Alwasel 1.5 Multiple Remote SQL Injection Vulnerabilities (деталі)
• PhotoPost PHP 3.3.1 (XSS/bSQL) Multiple Remote Vulnerabilities (деталі)
• Spiceworks 3.6 Accept Parameter Overflow Crash Exploit (деталі)
• Logoshows BBS 2.0 (DD/ICH) Multiple Remote Vulnerabilities (деталі)
• Logoshows BBS 2.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
• Joomla Component com_pms 2.0.4 (Ignore-List) SQL Injection Exploit (деталі)
• IsolSoft Support Center 2.5 (RFI/LFI/XSS) Multiples Vulnerabilities (деталі)
• PoC exploit for the TLS renegotiation vulnerability (деталі)

В даній добірці експлоіти в веб додатках:

• Tenrok 1.1.0 (UDD/RCE) Multiple Remote Vulnerabilities (деталі)
• Portel v2008 (decide.php patron) Blind SQL Injection Vulnerability (деталі)
• OpenNews 1.0 (SQLI/RCE) Multiple Remote Vulnerabilities (деталі)
• AccessoriesMe PHP Affiliate Script 1.4 (bSQL-XSS) Multiple Vulns (деталі)
• LM Starmail 2.0 (SQL Injection/File Inclusion) Multiple Vulnerabilities (деталі)
• TYPO3 CMS 4.0 (showUid) Remote SQL Injection Vulnerability (деталі)
• PHP Script Forum Hoster (Topic Delete/XSS) Multiple Vulnerabilities (деталі)
• Typing Pal <= 1.0 (idTableProduit) SQL Injection Vulnerability (деталі)
• Logoshows BBS 2.0 (forumid) Remote SQL Injection Vulnerability (деталі)
• Novell Netware 6.5 (ICEbrowser) Remote System Denial of Service Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Blink Blog System (Auth Bypass) SQL Injection Vulnerability (деталі)
• Payment Processor Script (shop.htm cid) SQL Injection Vulnerability (деталі)
• elgg <= 1.5 (/_css/js.php) Local File Inclusion Vulnerability (деталі)
• MOC Designs PHP News 1.1 (Auth Bypass) SQL Injection Vulnerability (деталі)
• In-Portal 4.3.1 (index.php env) Local File Inclusion Vulnerability (деталі)
• Perl$hop e-commerce Script Trust Boundary Input Parameter Injection (деталі)
• Shopmaker CMS 2.0 (bSQL/ LFI) Multiple Remote Vulnerabilities (деталі)
• MyBackup 1.4.0 (AFD/RFI) Multiple Remote Vulnerabilities (деталі)
• Irokez CMS 0.7.1 Remote SQL Injection Vulnerability (деталі)
• FlatPress 0.804-0.812.1 Local File Inclusion to Remote Command Execution vulnerability exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Arab Portal <= 2.2 (mod.php module) Local File Inclusion Vulnerability (деталі)
• Multi Website 1.5 (index php action) SQL Injection Vulnerability (деталі)
• Elvin BTS 1.2.2 (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Questions Answered 1.3 (Auth Bypass) Remote SQL Injection Vuln (деталі)
• x10 Media Adult Script 1.7 Multiple Remote Vulnerabilities (деталі)
• Miniweb 2.0 Module Survey Pro (bSQL/XSS) Multiple Vulnerabilities (деталі)
• Miniweb 2.0 Module Publisher (bSQL-XSS) Multiple Vulnerabilities (деталі)
• MAXcms 3.11.20b RFI / File Disclosure Vulnerabilities (деталі)
• Discloser 0.0.4-rc2 (index.php more) SQL Injection Vulnerability (деталі)
• Netsurf 1.2 ‘hspace’ Remote Integer Overflow PoC Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_jfusion (Itemid) Blind SQL Injection Vuln (деталі)
• SimpleLoginSys 0.5 (Auth Bypass) SQL Injection Vulnerability (деталі)
• TT Web Site Manager 0.5 (Auth Bypass) SQL Injection Vulnerability (деталі)
• QuickDev 4 (download.php file) File Disclosure Vulnerability (деталі)
• Netpet CMS 1.9 (confirm.php language) Local File Inclusion Vulnerability (деталі)
• Ajax Short URL Script (Auth Bypass) SQL Injection Vulnerability (деталі)
• ProjectButler 1.5.0 (pda_projects.php offset) RFI Vulnerability (деталі)
• Amaya 11.2 W3C Editor/Browser (defer) Remote BOF Exploit (SEH) (деталі)
• AW BannerAd (Auth Bypass) SQL Injection Vulnerability (деталі)
• Netsurf 1.2 ‘width’ Remote Integer Overflow PoC Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Orbis CMS 1.0 (AFD/ADF/ASU/SQL) Multiple Remote Vulnerabilities (деталі)
• justVisual 1.2 (fs_jVroot) Remote File Inclusion Vulnerabilities (деталі)
• Ultrize TimeSheet 1.2.2 readfile() Local File Disclosure Vulnerability (деталі)
• SAP Business One 2005-A License Manager Remote BOF Exploit (деталі)
• Arab Portal v2.x (forum.php qc) Remote SQL Injection Exploit (деталі)
• MAXcms 3.11.20b Multiple Remote File Inclusion Vulnerabilities (деталі)
• Mobilelib Gold v3 (Auth Bypass/SQL) Multiple Remote Vulnerabilities (деталі)
• aa33code 0.0.1 (LFI/Auth Bypass/DCD) Multiple Remote Vulnerabilites (деталі)
• PortalXP - Teacher Edition 1.2 Multiple SQL Injection Vulnerabilities (деталі)
• Netsurf 1.2 Remote Memory Leak Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Ultrize TimeSheet 1.2.2 Remote File Inclusion Vulnerability (деталі)
• TinyBrowser (TinyMCE Editor File browser) 1.41.6 Multiple Vulnerabilities (деталі)
• linkSpheric 0.74b6 (listID) Remote SQL Injection Vulnerability (деталі)
• PunBB Reputation.php Mod <= 2.0.4 Local File Inclusion Exploit (деталі)
• MUJE CMS 1.0.4.34 Local File Inclusion Vulnerabilities (деталі)
• Really Simple CMS 0.3a (pagecontent.php PT) Local File Inclusion Vulnerability (деталі)
• d.net CMS (LFI/SQLI) Multiple Remote Vulnerabilities (деталі)
• CMSphp 0.21 (LFI/XSS) Multiple Remote Vulnerabilities (деталі)
• dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities (деталі)
• GoodTech SSH Remote Buffer Overflow Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• NcFTPd <= 2.8.5 Remote Jail Breakout Vulnerability (деталі)
• PunBB Reputation.php Mod <= 2.0.4 Blind SQL Injection Exploit (деталі)
• phpArcadeScript 4.0 (linkout.php id) SQL Injection Vulnerability (деталі)
• PHP Paid 4 Mail Script (paidbanner.php ID) SQL Injection Vulnerability (деталі)
• Firebird SQL op_connect_request main listener shutdown Vulnerability (деталі)
• PaoLiber 1.1 (login_ok) Authentication Bypass Vulnerability (деталі)
• PaoBacheca Guestbook 2.1 (login_ok) Auth Bypass Vulnerability (деталі)
• PaoLink 1.0 (login_ok) Authentication Bypass Vulnerability (деталі)
• In-Portal 4.3.1 Arbitrary Shell Upload Vulnerability (деталі)
• vBulletinR Version 3.8.2 D3n14l 0f S3rv1c3 Expl01t (деталі)