php exploits
Page 1 of 8788 exploits
| Title | Author | Platform | Source | Description | Date |
|---|---|---|---|---|---|
| php-Charts 1.0 - Code Execution Vulnerability | fizzle stick | php | exploit-db.com | Exploit Title: PHP-CHARTS v1.0 code execution vulnerability Date: 05/15/2013 Exploit Author: fizzle stick Vendor Homepage: http://php-charts.com/ Software Link: http://php-charts.com/downloads/php-chart_v1.0.zip Version: v1.0 Tested on: Windows Summary: PHP-charts v1.0 suffers | Friday |
| Exponent CMS 2.2.0 beta 3 - Multiple Vulnerabilities | High-Tech Bridge . | php | exploit-db.com | Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Version(s): 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injecti | Friday |
| CKEditor < 4.1 Drupal 6.x & 7.x - Persistent XSS Vulnerability | r0ng | php | exploit-db.com | Exploit Title: Persistent XSS in wysiwyg CKEditor <4.1 Drupal 6.x & 7.x Date: 15/05/2013 Exploit Author: r0ng Vendor Homepage: http://www.websitesecurityscan.net, http://www.hackers2devnull.blogspot.co.uk Software Links: http://ckeditor.com/release/CKEditor-4.0.3, http://drupal.org/dow | Friday |
| Wordpress wp-FileManager - Arbitrary File Download Vulnerability | ByEge | php | exploit-db.com | Title: Wordpress wp-FileManager Local File Download Vulnerability Author: ByEge Download: http://wordpress.org/extend/plugins/wp-filemanager/ Test Platform: Linux Images: http://j1305.hizliresim.com/19/f/n0xxf.jpg Vuln. Plat.: Web Application Google Dorks: inurl:wp-content/plugins/wp-fil | May 14 |
| UMI.CMS 2.9 - CSRF Vulnerability | High-Tech Bridge . | php | exploit-db.com | Advisory ID: HTB23151 Product: UMI.CMS Vendor: OOO Umisoft Vulnerable Version(s): 2.9 and probably prior Tested Version: 2.9 Vendor Notification: April 3, 2013 Vendor Patch: May 7, 2013 Public Disclosure: May 8, 2013 Vulnerability Type: Cross-Site Request Forgery [CWE-352] CVE Reference: | May 14 |
| AlienVault OSSIM 4.1.2 - Multiple SQL Injection Vulnerabilities | RunRunLevel | php | exploit-db.com | RunRunLevel Web Security Research - AlienVault OSSIM multiple SQL Injection vulnerabilities Vendor Website : http://www.alienvault.com INDEX: 1. Background 2. Description 3. Affected Products 4. Vulnerabilities 5. Solution 6. | May 14 |
| WHMCS 4.x (invoicefunctions.php, id param) - SQL Injection Vulnerability | Ahmed Aboul-Ela | php | exploit-db.com | Title: WHMCS 4.x SQL Injection Vulnerability Google Dork: intext:"Powered by WHMCompleteSolution" OR inurl:"submitticket.php" Author: Ahmed Aboul-Ela Contact: Ahmed.Aboul3la[at]gmail[dot]com Date: 14/5/2013 Vendor: http://www.whmcs.com Version: 4.5.2 and prior versions should | May 14 |
| IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) - Admin Account Takeover | John JEAN | php | exploit-db.com | IPB (Invision Power Board) all versions (1.x? / 2.x / 3.x) Admin account Takeover leading to code execution Written on : 2013/05/02 Released on : 2013/05/13 Author: John JEAN (@johnjean on twitter) Affected application: Invision Power Board <= 3.4.4 Type of vulnerability: Logical Vulnerabilit | May 14 |
| Ajax Availability Calendar 3.X.X - Multiple Vulnerabilties | AtT4CKxT3rR0r1ST | php | exploit-db.com | Ajax Availability Calendar 3.X.X Multiple Vulnerabilties .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] .:. Script : http://www.ajaxavailabilitycal | May 13 |
| Joomla S5 Clan Roster com_s5clanroster (index.php, id param) - SQL Injection | AtT4CKxT3rR0r1ST | php | exploit-db.com | Joomla Component com_s5clanroster Sql Injection Vulnerability .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] .:. Dork : inurl:"com_s5clanroster" | May 13 |
| GetSimpleCMS 3.2.1 Arbitrary File Upload Vulnerability | Ahmed Elhady Moha. | php | exploit-db.com | GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability = Exploit Title: GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability Download link: http://code.google.com/p/get-simple-cms/ version: | May 13 |
| MoinMoin - Arbitrary Command Execution | HTP | php | exploit-db.com | | May 8 |
| b2evolution 4.1.6 - Multiple Vulnerabilities | High-Tech Bridge . | php | exploit-db.com | Advisory ID: HTB23152 Product: b2evolution Vendor: b2evolution Group Vulnerable Version(s): 4.1.6 and probably prior Tested Version: 4.1.6 Vendor Notification: April 10, 2013 Vendor Patch: April 29, 2013 Public Disclosure: May 1, 2013 Vulnerability Type: SQL Injection [CWE-89] CVE Refere | May 7 |
| Joomla DJ Classifieds Extension 2.0 - Blind SQL Injection Vulnerability | Napsterakos | php | exploit-db.com | | May 6 |
| OpenDocMan 1.2.6.5 - Persistent XSS Vulnerability | drone | php | exploit-db.com | Exploit Title: OpenDocMan 1.2.6.5 Stored/Reflective XSS Date: 05/04/2013 Exploit Author: drone (@dronesec) More Exploit Information: Vendor Homepage: http://www.opendocman.com/ Software Link: http://sourceforge.net/projects/opendocman/files/opendocman/1.2.6.5/opendocman-1.2.6.5.zip | May 6 |

