a bug in Wordpress (chenpress Plugin) that allows to us to occur
a File Upload on a Remote machin.
#
# Exploit Title : Wordpress (chenpress Plugin) Arbitrary File Upload
Vulnerability
#
# Author
a bug in Mybb 1.6.8 'announcements.php' that allows to us to occur a Sql
Injection on a Remote machin.
#
#
# Exploit Title : Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy
#
# Author :
a bug in Mybb 1.6.8 that allows to us to occur
a Sql Injection on a Remote machin.
#
# Exploit Title : Mybb 1.6.8 Sql Injection Vulnerabilitiy
#
# Author: IrIsT.Ir
#
# Discovered By : Am!r
#
#
a bug in Wordpress WPsc-MijnPress plugin that allows to us to occur
a Cross-Site Scripting on a Remote machin.
#
# Exploit Title : Wordpress WPsc-MijnPress plugin Cross-Site Scripting
Vulnerabilities
#
# Author: #BHG Security
a bug in vBulletin 4.1.10 that allows to us to occur
a Sql Injection on a Remote machin.
#
# Exploit Title : vBulletin 4.1.10 Sql Injection Vulnerabilitiy
#
# Author: IrIsT.Ir
#
# Discovered By : Am!r
#
# Home :
a bug in Wordpress taggator plugin that allows to us to occur
a Sql Injection on a Remote machin.
#
# Exploit Title : Wordpress taggator plugin Sql Injection Vulnerabilities
#
# Author: #BHG Security Center - IrIsT Security Team
)
#
#
#
# contact...: Amir[at]IrIsT.ir
#
#
#
# SP TNX: B3HZ4D m3hdi kalkal-hacking Mr.xpr
)
#
#
#
# contact...: Amir[at]IrIsT.ir
#
#
#
# SP TNX: The-0utl4w A.u.r.A B3HZ4D
!r (IrIsT)
#
#
#
# contact...: Amir[at]IrIsT.ir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
#
#
#
# SP TNX: The-0utl4w A.u.r.A B3HZ4D m3hdi
)
#
#
#
# contact...: Amir[at]IrIsT.ir
...: Amir[at]IrIsT.ir
#
#
#
# Exploit...: Exploit
#
#
#
# discovery.: Am!r (IrIsT)
#
#
#
# contact...: Amir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
.: Am!r (IrIsT)
#
#
#
# contact...: Amir[at]IrIsT.ir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
#
#
#
# Exploit...:
http
(IrIsT)
#
#
#
# contact...: Amir[at]IrIsT.ir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
#
#
#
# discovery.: Am!r (IrIsT)
#
#
#
# contact...: Amir[at]IrIsT.ir
)
#
#
#
# contact...: Amir[at]IrIsT.ir
?php
/*
php_python_bypass.php
php python extension safe_mode bypass
Amir Salmani - amir[at]salmani[dot]ir
*/
//python ext. installed?
if (!extension_loaded('python')) die(python extension is not installed\n);
//eval python code
$res = python_eval('
import os
pwd = os.getcwd()
print pwd
+ModuleBased CMS(MBCMS) multiple remote file Inclusion
+discripton:MBCMS (ModuleBased CMS) is a new CMS designed for ease of use and
customability. It is designed +for PHP/MySQL and it is easy to write new
modules or templates to suit a particular website.
+version:alfa 1
+vendor
23 matches
Mail list logo