Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• Super Mod System v3 (s) SQL Injection Vulnerability (деталі)
• PHP Paid 4 Mail Script (home.php page) Remote File Inclusion Vuln (деталі)
• Cisco WLC 4402 Basic Auth Remote Denial of Service (meta) (деталі)
• SerWeb <= 2.1.0-dev1 2009-07-02 Multiple RFI Vulnerabilities (деталі)
• Magician Blog <= 1.0 (Auth Bypass) SQL injection Vulnerability (деталі)
• Magician Blog <= 1.0 (ids) Remote SQL Injection Vulnerability (деталі)
• Limny 1.01 (Auth Bypass) SQL Injection Vulnerability (деталі)
• PunBB Automatic Image Upload <= 1.3.5 Delete Arbitrary File Exploit (деталі)
• PunBB Automatic Image Upload <= 1.3.5 Remote SQL Injection Exploit (деталі)
• Exploits Multiple XSRF in DD-WRT (деталі)

В даній добірці експлоіти в веб додатках:

• XOOPS Celepar Module Qas (bSQL/XSS) Multiple Remote Vulnerabilities (деталі)
• SkaDate Dating (RFI/LFI/XSS) Multiple Remote Vulnerabilities (деталі)
• Almond Classifieds Ads (bSQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Joomla Almond Classifieds 7.5 (com_aclassf) Multiple Vulnerabilities (деталі)
• IXXO Cart! Standalone and Joomla Component SQL Injection Vulnerability (деталі)
• Allomani Movies & Clips 2.7.0 Remote Blind SQL Injection Exploit (деталі)
• Allomani Songs & Clips 2.7.0 Blind SQL Injection Exploit (деталі)
• Allomani Mobile 2.5 Remote Blind SQL Injection Exploit (деталі)
• Inout Adserver (id) Remote SQL injection Vulnerability (деталі)
• DNS BailiWicked Host Attack (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Live! <= 3.2.2 (questid) Remote SQL Injection Vulnerability (деталі)
• Scripteen Free Image Hosting Script 2.3 SQL Injection Exploit (деталі)
• Deonixscripts Templates Management 1.3 SQL Injection Vulnerability (деталі)
• Xoops Celepar Module Qas (codigo) SQL Injection Vulnerability (деталі)
• SaphpLesson v4.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
• iWiccle 1.01 (LFI/SQL) Multiple Remote Vulnerabilities (деталі)
• stftp <= 1.10 (PWD Response) Remote Stack Overflow PoC (деталі)
• URA 3.0 (cat) remote SQL injection Vulnerability (деталі)
• GarageSalesJunkie (SQL/XSS) Multiple Remote Vulnerabilities (деталі)
• AlumniServer v-1.0.1 Blind SQLi Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_joomloads (packageId) SQL Injection Vuln (деталі)
• Basilic 1.5.13 (index.php idAuthor) SQL Injection Vulnerability (деталі)
• PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Exploit (деталі)
• Joomla Extension UIajaxIM 1.1 JavaScript Execution Vulnerability (деталі)
• Million-Dollar Pixel Ads Platinum (SQL/XSS) Multiple Vulnerabilities (деталі)
• WzdFTPD <= 8.0 Remote Denial of Service Exploit (деталі)
• Pixaria Gallery 2.3.5 (file) Remote File Disclosure Exploit (деталі)
• Scripteen Free Image Hosting Script 2.3 Insecure Cookie Handling Vuln (деталі)
• Clip Bucket <= 1.7.1 Insecure Cookie Handling Vulnerability (деталі)
• FretsWeb 1.2 (name) Remote Blind SQL Injection Exploit (деталі)

В даній добірці експлоіти в веб додатках:

• DD-WRT (httpd service) Remote Command Execution Vulnerability (деталі)
• Meta Search Engine Script (url) Local File Disclosure Vulnerability (деталі)
• phpDirectorySource (XSS/SQL) Multiple Remote Vulnerabilities (деталі)
• AnotherPHPBook (APB) v.1.3.0 (Auth Bypass) SQL Injection Vulnerability (деталі)
• Phorum <= 5.2.11 Permanent Cross Site Scripting Vulnerabilities (деталі)
• GLinks 2.1 (cat) Remote Blind SQL Injection Vulnerability (деталі)
• e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit (деталі)
• AWCM 2.1 Local File Inclusion / Auth Bypass Vulnerabilities (деталі)
• PHP Melody 1.5.3 Remote File Upload Injection Vulnerability (деталі)
• (GET var ‘name’) BLIND SQL INJECTION EXPLOIT FretsWeb 1.2 (деталі)

В даній добірці експлоіти в веб додатках:

• RadLance Gold 7.5 Multiple Remote Vulnerabilities (деталі)
• RadBIDS GOLD v4 Multiple Remote Vulnerabilities (деталі)
• MCshoutbox 1.1 (SQL/XSS/Shell) Multiple Remote Vulnerabilities (деталі)
• MiniCWB 2.3.0 (LANG) Remote File Inclusion Vulnerabilities (деталі)
• Netrix CMS 1.0 Authentication Bypass Vulnerability (деталі)
• Silentum Guestbook 2.0.2 (silentum_guestbook.php) SQL Injection Vuln (деталі)
• powerUpload 2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
• E-Xoopport 3.1 Module MyAnnonces (lid) SQL Injection Vulnerability (деталі)
• Alibaba-clone CMS (SQL/bSQL) Remote SQL Injection Vulnerabilities (деталі)
• BLIND SQLi exploit S-CMS <= v-2.0 Beta3 (деталі)

В даній добірці експлоіти в веб додатках:

• PHP Live! 3.2.1/2 (x) Remote Blind SQL Injection Vulnerability (деталі)
• VS PANEL 7.5.5 (results.php Cat_ID) SQL Injection Vulnerability (деталі)
• WebVision 2.1 (news.php n) Remote SQL Injection Exploit (деталі)
• Joomla Component Jobline <= 1.3.1 Blind SQL Injection Vulnerability (деталі)
• Good/Bad Vote (XSS/LFI) Multiple Remote Vulnerabilities (деталі)
• Ger Versluis 2000 5.5 24 SITE_fiche.php SQL Injection Vulnerability (деталі)
• Battle Blog 1.25 Auth Bypass SQL Injection / HTML Injection Vulns (деталі)
• GBook 1.6 (mes_id) Remote SQL Injection Vulnerability (деталі)
• RadNICS Gold v5 Multiple Remote Vulnerabilities (деталі)
• BLIND SQLi exploit Open Biller 0.1 (деталі)

В даній добірці експлоіти в веб додатках:

• onepound shop 1.x products.php SQL Injection Vulnerability (деталі)
• Admin News Tools 2.5 (fichier) Remote File Disclosure Vulnerability (деталі)
• ILIAS LMS <= 3.9.9/3.10.7 Arbitrary Edition/Info Disclosure Vulns (деталі)
• Infinity <= 2.0.5 Arbitrary Create Admin Exploit (деталі)
• Greenwood Content Manager 0.3.2 Local File Inclusion Exploit (деталі)
• PHPGenealogy 2.0 (DataDirectory) RFI Vulnerability (деталі)
• ZenPhoto 1.2.5 Completely Blind SQL Injection Exploit (деталі)
• dB Masters Multimedia’s Content Manager 4.5 SQL Injection Vulnerability (деталі)
• Sguil/PADS SQL Injection / Server Crash Vulnerability (деталі)
• (’dest’) Blind (SQLi) EXPLOIT Kjtechforce mailman Beta-1 (деталі)

В даній добірці експлоіти в веб додатках:

• Ebay Clone 2009 Multiple SQL Injection Vulnerabilities (деталі)
• Opial 1.0 Arbitrary File Upload/XSS/SQL Injection Vulnerabilities (деталі)
• d.net CMS Arbitrary Reinstall/Blind SQL Injection Exploit (деталі)
• Censura 1.16.04 (bSQL/XSS) Multiple Remote Vulnerabilities (деталі)
• Php AdminPanel Free version 1.0.5 Remote File Disclosure Vuln (деталі)
• Traidnt UP 2.0 Remote Blind SQL Injection Exploit (деталі)
• Mobilelib Gold v3 Local File Disclosure Vulnerability (деталі)
• Virtualmin < 3.703 Multiple Local/Remote Vulnerabilities (деталі)
• DJ Calendar (DJcalendar.cgi TEMPLATE) File Disclosure Vuln (деталі)
• Blind (SQLi) EXPLOIT Online Grades & Attendance v3.2.6 (деталі)

В даній добірці експлоіти в веб додатках:

• ToyLog 0.1 SQL Injection Vulnerability/RCE Exploit (деталі)
• Morcego CMS <= 1.7.6 Remote Blind SQL Injection Exploit (деталі)
• LionWiki (index.php page) Local File Inclusion Vulnerability (деталі)
• Ebay Clone 2009 (SQL/bSQL) Multiple Remote Vulnerabilities (деталі)
• HTC / Windows Mobile OBEX FTP Service Directory Traversal Vuln (деталі)
• Digitaldesign CMS 0.1 Remote Database Disclosure Vulnerability (деталі)
• Joomla Component com_propertylab (auction_id) SQL injection Vuln (деталі)
• Jobbr 2.2.7 Multiple Remote SQL Injection Vulnerabilities (деталі)
• Joomla Component com_category (catid) SQL Injection Vulnerability (деталі)
• EXPLOIT Online Grades & Attendance v3.2.6 (деталі)