Websecurity - Веб безпека

В даній добірці експлоіти в веб додатках:

• TalkBack 2.3.14 Multiple Remote Vulnerabilities (деталі)
• Sun One WebServer 6.1 JSP Source Viewing Vulnerability (деталі)
• Siteframe CMS 3.2.x SQL Injection/phpinfo() Multiple Vulnerabilities (деталі)
• Universe CMS 1.0.6 (vnews.php id) Remote SQL Injection Exploit (деталі)
• phpBMS 0.96 Multiple Remote Vulnerabilities (деталі)
• GenCMS 2006 Multiple Remote Vulnerabilities (деталі)
• MyMsg 1.0.3 (uid) Remote SQL Injection Vulnerability (деталі)
• Citrix XenCenterWeb (XSS/SQL/RCE) Multiple Remote Vulnerabilities (деталі)
• Phenotype CMS 2.8 (login.php user) Blind SQL Injection Vulnerability (деталі)
• Exploits Buffer Overflow in NaviCopa HTTP server 2.01 (cgi-bin) (деталі)

В даній добірці експлоіти в веб додатках:

• Opial 1.0 (albumid) Remote SQL Injection Vulnerability (деталі)
• Opial 1.0 (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
• MRCGIGUY Thumbnail Gallery Post 1b Arb. Shell Upload Vulnerability (деталі)
• Nwahy Dir 2.1 Arbitrary Change Admin Password Exploit (деталі)
• Glossword <= 1.8.11 Arbitrary Uninstall / Install Vulnerability (деталі)
• ClearContent (image.php url) RFI/LFI Vulnerability (деталі)
• Mlffat 2.2 Remote Blind SQL Injection Exploit (деталі)
• WebAsyst Shop-Script (bSQL/XSS) Multiple Remote Vulnerabilities (деталі)
• EasyVillaRentalSite (Id) Remote SQL Injection Vulnerability (деталі)
• FreeSSHD 1.2.1 (Post Auth) Remote Seh Overflow (деталі)

В даній добірці експлоіти в веб додатках:

• ARD-9808 DVR Card Security Camera (GET Request) Remote DoS Exploit (деталі)
• YourTube <= 2.0 Arbitrary Database Disclosure Exploit (деталі)
• Oracle 10g SYS.LT.COMPRESSWORKSPACETREE SQL Injection Exploit (деталі)
• Apple Safari 4.x JavaScript Reload Remote Crash Exploit (деталі)
• conpresso 3.4.8 (detail.php) Remote Blind SQL Injection Vuln (деталі)
• Almnzm 2.0 Remote Blind SQL Injection Exploit (деталі)
• AdminLog 0.5 (valid_login) Authentication Bypass Vulnerability (деталі)
• Sourcefire 3D Sensor & Defense Center 4.8.x Privilege Escalation Vuln (деталі)
• Rentventory Multiple Remote SQL Injection Vulnerabilities (деталі)
• Exploits FreeSSHd Multiple Remote Stack Overflow Vulnerabilities (деталі)

В даній добірці експлоіти в веб додатках:

• Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability (деталі)
• PunBB Extension Vote For Us <= 1.0.1 Blind SQL Injection Exploit (деталі)
• TSEP <= 0.942.02 Multiple Remote Vulnerabilities (деталі)
• Messages Library 2.0 Arbitrary Administrator Account Vulnerability (деталі)
• ARD-9808 DVR Card Security Camera Arbitrary Config Disclosure Vuln (деталі)
• Messages Library 2.0 Insecure Cookie Handling Vulnerability (деталі)
• Messages Library 2.0 Arbitrary Delete Message Vulnerability (деталі)
• CMS Chainuk <= 1.2 Multiple Remote VUlnerabilities (деталі)
• KerviNet Forum <= 1.1 Multiple Remote Vulnerabilities (деталі)
• (GET var ‘id’) BLIND SQL INJECTION EXPLOIT Dog Pedigree Online Database v1.0.1-Beta (деталі)

В даній добірці експлоіти в веб додатках:

• Audio Article Directory (file) Remote File Disclosure Vulnerability (деталі)
• Joomla com_bookflip (book_id) Remote SQL Injection Vulnerability (деталі)
• Cpanel (lastvisit.html domain) Arbitrary File Disclosure Vuln (auth) (деталі)
• SMF Mod Member Awards 1.0.2 Blind SQL Injection Exploit (деталі)
• DM FileManager 3.9.4 Remote File Disclosure Vulnerability (деталі)
• MDPro Module CWGuestBook <= 2.1 Remote SQL Injection Vulnerability (деталі)
• PunBB Affiliates Mod <= 1.1 Remote Blind SQL Injection Exploit (деталі)
• phpMyBlockchecker 1.0.0055 Insecure Cookie Handling Vulnerability (деталі)
• BIGACE CMS 2.6 (cmd) Local File Inclusion Vulnerability (деталі)
• maxcms2.0 create new admin exploit (деталі)

В даній добірці експлоіти в веб додатках:

• Joomla Component com_K2 <= 1.0.1b (category) SQL Injection Vuln (деталі)
• Joomla Component com_php (id) Blind SQL Injection Vulnerability (деталі)
• Messages Library 2.0 (cat.php CatID) SQL Injection Vulnerability (деталі)
• WHOISCART (Auth Bypass) Information Disclosure Vulnerability (деталі)
• Clicknet CMS 2.1 (side) Arbitrary File Disclosure Vulnlerability (деталі)
• PHP-Sugar 0.80 (index.php t) Local File Inclusion Vulnerability (деталі)
• Almnzm (COOKIE: customer) Remote SQL Injection Vulnerability (деталі)
• DM FileManager 3.9.4 Remote File Inclusion Vulnerability (деталі)
• Newsolved 1.1.6 (login grabber) Multiple SQL Injection Exploit (деталі)
• (GET var ‘member’) BLIND SQL INJECTION EXPLOIT FAMILY CONNECTIONS <= v1.9 (деталі)

В даній добірці експлоіти в веб додатках:

• AlumniServer 1.0.1 (resetpwemail) Blind SQL Injection Exploit (деталі)
• AlumniServer 1.0.1 (Auth Bypass) SQL Injection Vulnerability (деталі)
• MyFusion 6b settings[locale] Local File Inclusion Vulnerability (деталі)
• MD-Pro 1.083.x Survey Module (pollID) Blind SQL Injection Vulnerability (деталі)
• Mega File Manager 1.0 (index.php page) LFI Vulnerability (деталі)
• ForumPal FE 1.1 (Auth Bypass) Remote SQL Injection Vulnerability (деталі)
• PHP-Address Book 4.0.x Multiple SQL Injection Vulnerabilities (деталі)
• Virtue Online Test Generator (AB/SQL/XSS) Multiple Vulnerabilities (деталі)
• osTicket 1.6 RC4 Admin Login Blind SQL Injection Vulnerability (деталі)
• (POST var ‘rating’) BLIND SQL INJECTION microTopic v1 Initial Release (деталі)

В даній добірці експлоіти в веб додатках:

• BASE <= 1.2.4 (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
• LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability (деталі)
• PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability (деталі)
• AN Guestbook 0.7.8 (g_lang) Local File Inclusion Vulnerability (деталі)
• Tribiq CMS 5.0.12c (XSS/LFI) Multiple Remote Vulnerabilities (деталі)
• Joomla Component com_pinboard Remote File Upload Vulnerability (деталі)
• Glossword <= 1.8.11 (index.php x) Local File Inclusion Vulnerability (деталі)
• Joomla Component com_amocourse (catid) SQL Injection Vuln (деталі)
• Joomla Component com_pinboard (task) SQL Injection Exploit (деталі)
• User options changer (SQLi) EXPLOIT Bigace CMS stable release 2.5 (деталі)

В даній добірці експлоіти в веб додатках:

• RS-CMS 2.1 (key) Remote SQL Injection Vulnerability (деталі)
• Joomla Component com_tickets <= 2.1 (id) SQL Injection Vuln (деталі)
• Sourcebans <= 1.4.2 Arbitrary Change Admin Email Vulnerability (деталі)
• Kasseler CMS (FD/XSS) Multiple Remote Vulnerabilities (деталі)
• Gravy Media Photo Host 1.0.8 Local File Disclosure Vulnerability (деталі)
• Campsite 3.3.0 RC1 Multiple Remote File Inclusion Vulnerabilities (деталі)
• Zen Cart 1.3.8 Remote SQL Execution Exploit (деталі)
• Zen Cart 1.3.8 Remote Code Execution Exploit (деталі)
• phpCollegeExchange 0.1.5c (RFI/LFI/XSS) Multiple Vulnerabilities (деталі)
• Bitweaver <= 2.6 /boards/boards_rss.php / saveFeed() remote code execution exploit (деталі)

В даній добірці експлоіти в веб додатках:

• TekBase All-in-One 3.1 Multiple SQL Injection Vulnerabilities (деталі)
• CMS Buzz (XSS/PC/HI) Multiple Remote Vulnerabilities (деталі)
• MIDAS 1.43 (Auth Bypass) Insecure Cookie Handling Vulnerability (деталі)
• AWScripts Gallery Search Engine 1.x Insecure Cookie Vulnerability (деталі)
• Elgg (XSS/CSRF/Change Password) Multiple Remote Vulnerabilities (деталі)
• pmaPWN! - phpMyAdmin Code Injection RCE Scanner & Exploit (деталі)
• phpDatingClub 3.7 Remote SQL/XSS Injection Vulnerabilities (деталі)
• pc4 Uploader <= 10.0 Remote File Disclosure Vulnerability (деталі)
• MyBB <= 1.4.6 Remote Code Execution Exploit (деталі)
• TinyWebGallery <= 1.7.6 LFI / Remote Code Execution Exploit (деталі)