Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability

a bug in Wordpress (chenpress Plugin) that allows to us to occur a File Upload on a Remote machin. # # Exploit Title : Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability # # Author

Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy

a bug in Mybb 1.6.8 'announcements.php' that allows to us to occur a Sql Injection on a Remote machin. # # # Exploit Title : Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy # # Author :

Mybb 1.6.8 Sql Injection Vulnerabilitiy

a bug in Mybb 1.6.8 that allows to us to occur a Sql Injection on a Remote machin. # # Exploit Title : Mybb 1.6.8 Sql Injection Vulnerabilitiy # # Author: IrIsT.Ir # # Discovered By : Am!r # #

Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities

a bug in Wordpress WPsc-MijnPress plugin that allows to us to occur a Cross-Site Scripting on a Remote machin. # # Exploit Title : Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities # # Author: #BHG Security

vBulletin 4.1.10 Sql Injection Vulnerabilitiy

a bug in vBulletin 4.1.10 that allows to us to occur a Sql Injection on a Remote machin. # # Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy # # Author: IrIsT.Ir # # Discovered By : Am!r # # Home :

Wordpress taggator plugin Sql Injection Vulnerabilities

a bug in Wordpress taggator plugin that allows to us to occur a Sql Injection on a Remote machin. # # Exploit Title : Wordpress taggator plugin Sql Injection Vulnerabilities # # Author: #BHG Security Center - IrIsT Security Team

Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir # # # # SP TNX: B3HZ4D m3hdi kalkal-hacking Mr.xpr

WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability

™) # # # # contact...: Amir[at]IrIsT.ir # # # # SP TNX: The-0utl4w A.u.r.A B3HZ4D

Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities

!r (IrIsT™) # # # # contact...: Amir[at]IrIsT.ir

Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir

Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir # # # # SP TNX: The-0utl4w A.u.r.A B3HZ4D m3hdi

Wordpress clickdesk-live-support-chat plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir

Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities

...: Amir[at]IrIsT.ir # # # # Exploit...: Exploit

Wordpress enable-latex plugin Remote File Include Vulnerabilities

# # # # discovery.: Am!r (IrIsT™) # # # # contact...: Amir

Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir

wordpress Lanoba Social Plugin Xss Vulnerabilities

.: Am!r (IrIsT™) # # # # contact...: Amir[at]IrIsT.ir

Wordpress alert-before-your-post Plugin Cross-Site Scripting Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir # # # # Exploit...: http

Wordpress adminimize Plugin Vulnerabilities

(IrIsT™) # # # # contact...: Amir[at]IrIsT.ir

wordpress Flexible Custom Post Type plugin Xss Vulnerabilities

™) # # # # contact...: Amir[at]IrIsT.ir

wordpress Flexible Custom Post Type plugin Xss Vulnerabilities

™ # # # # discovery.: Am!r (IrIsT™) # # # # contact...: Amir[at]IrIsT.ir

PunBB 1.3.6 bug

™) # # # # contact...: Amir[at]IrIsT.ir

php python extension safe_mode bypass

?php /* php_python_bypass.php php python extension safe_mode bypass Amir Salmani - amir[at]salmani[dot]ir */ //python ext. installed? if (!extension_loaded('python')) die(python extension is not installed\n); //eval python code $res = python_eval(' import os pwd = os.getcwd() print pwd

ModuleBased CMS alfa 1 Multiple Remote File Inclusion

+ModuleBased CMS(MBCMS) multiple remote file Inclusion +discripton:MBCMS (ModuleBased CMS) is a new CMS designed for ease of use and customability. It is designed +for PHP/MySQL and it is easy to write new modules or templates to suit a particular website. +version:alfa 1 +vendor