[ home ] [ contents ] [ platforms ] [ shellcode ] [ search ] [ cracker ] [ links ] [ rss ] [ archive ]

Author:

JosS

Homepage:http://www.spanish-hackers.com/


[ exploits/shellcode ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2009-06-24 PHPEcho CMS 2.0-rc3 (forum) XSS Cookie Stealing / Blind Vulnerability 1329 R D JosS
2009-06-24 LightOpenCMS 0.1 (smarty.php cwd) Local File Inclusion Vulnerability 1343 R D JosS
2009-04-20 Studio Lounge Address Book 2.5 (profile) Shell Upload Vulnerability 1563 R D JosS
2009-04-16 SMA-DB 0.3.13 Multiple Remote File Inclusion Vulnerabilities 2338 R D JosS
2009-02-23 pPIM 1.01 (notes.php id) Remote Command Execution Exploit 2379 R D JosS
2009-02-06 1024 CMS <= 1.4.4 Remote Command Execution with RFI (c99) Exploit 4723 R D JosS
2009-02-04 GR Blog 1.1.4 (Upload/Bypass) Multiple Remote Vulnerabilities 1955 R D JosS
2009-02-04 GR Note 0.94 beta (Auth Bypass) Remote Database Backup Vulnerability 1536 R D JosS
2009-01-05 Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit 4039 R D JosS
2008-11-25 Clean CMS 1.5 (full_txt.php id) Blind SQL Injection Exploit 2010 R D JosS
2008-11-03 pppBlog <= 0.3.11 (randompic.php) File Disclosure Vulnerability 1811 R D JosS
2008-11-02 Maran PHP Shop (prod.php cat) SQL Injection Vulnerability 1837 R D JosS
2008-11-02 Maran PHP Shop (admin.php) Insecure Cookie Handling Vulnerability 2469 R D JosS
2008-11-01 Bloggie Lite 0.0.2 Beta SQL Injection by Insecure Cookie Handling 970 R D JosS
2008-10-23 aflog 1.01 Multiple Insecure Cookie Handling Vulnerabilies 1450 R D JosS
2008-10-21 LightBlog 9.8 (GET,POST,COOKIE) Multiple LFI Vulnerabilities 2671 R D JosS
2008-10-16 IP Reg <= 0.4 Multiple Remote SQL Injection Vulnerabilities 2041 R D JosS
2008-10-16 Kure 0.6.3 (index.php post,doc) Local File Inclusion Vulnerability 2146 R D JosS
2008-10-15 myStats (hits.php) Multiple Remote Vulnerabilities Exploit 2151 R D JosS
2008-10-15 myEvent 1.6 (viewevent.php) Remote SQL Injection Vulnerability 2519 R D JosS
2008-10-13 LokiCMS 0.3.4 (admin.php) Create Local File Inclusion Exploit 2382 R D JosS
2008-10-12 LokiCMS <= 0.3.4 (index.php page) Arbitrary Check File Exploit 2173 R D JosS
2008-10-12 My PHP Indexer 1.0 (index.php) Local File Download Vulnerability 3123 R D JosS
2008-10-09 ScriptsEz Mini Hosting Panel (members.php) LFI Vulnerability 2387 R D JosS
2008-10-09 ScriptsEz Easy Image Downloader Local File Download Vulnerability 2244 R D JosS
2008-10-05 FOSS Gallery Public <= 1.0 Arbitrary Upload / Information c99 Expoit 4014 R D JosS
2008-10-05 phpAbook <= 0.8.8b (COOKIE) Local File Inclusion Vulnerability 1868 R D JosS
2008-10-04 pPIM 1.01 (notes.php id) Local File Inclusion Vulnerability 1964 R D JosS
2008-10-01 MySQL Quick Admin <= 1.5.5 (COOKIE) Local File Inclusion Vulnerability 3431 R D JosS
2008-09-16 Hotel reservation System (city.asp city) Blind SQL Injection Vulnerability 3944 R D JosS
2008-09-15 Pre Real Estate Listings (search.php c) SQL Injection Vulnerability 2586 R D JosS
2008-09-05 WebCMS Portal Edition (index.php id) Blind SQL Injection Exploit 2810 R D JosS
2008-06-14 Pre Job Board (JobSearch.php) Remote SQL Injection Vulnerability 2754 R D JosS
2008-06-13 E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability 2913 R D JosS
2008-06-13 PHP JOBWEBSITE PRO (JobSearch3.php) SQL Injection Vulnerability 2523 R D JosS
2008-06-10 ASPPortal Free Version (Topic_Id) Remote SQL Injection Vulnerability 2842 R D JosS
2008-06-09 Real Estate Web Site 1.0 (SQL/XSS) Multiple Remote Vulnerabilities 2257 R D JosS
2008-06-01 ComicShout 2.8 (news.php news_id) SQL Injection Vulnerability 2447 R D JosS
2008-05-31 BP Blog 6.0 (id) Remote Blind SQL Injection Vulnerability 2598 R D JosS
2008-05-16 StanWeb.CMS (default.asp id) Remote SQL Injection Exploit 3766 R D JosS
2008-05-09 SazCart <= 1.5.1 (prodid) Remote SQL Injection Exploit 3408 R D JosS
2008-05-04 Scout Portal Toolkit <= 1.4.0 (ParentId) Remote SQL Injection Exploit 2845 R D JosS
2008-04-15 Classifieds Caffe (index.php cat_id) SQL Injection Vulnerability 4588 R D JosS
2008-04-14 Koobi CMS 4.2.4/4.2.5/4.3.0 Multiple Remote SQL Injection Vulnerabilities 3471 R D JosS
2008-03-18 KAPhotoservice (album.asp) Remote SQL Injection Exploit 4289 R D JosS
2008-03-16 Mutiple Timesheets <= 5.0 Multiple Remote Vulnerabilities 3746 R D JosS
2008-03-12 EasyCalendar <= 4.0tr Multiple Remote Vulnerabilities 3789 R D JosS
2008-03-12 EasyGallery <= 5.0tr Multiple Remote Vulnerabilities 5653 R D JosS
2008-02-29 Koobi CMS 4.3.0 - 4.2.3 (categ) Remote SQL Injection Vulnerability 5848 R D JosS
2008-02-16 Simple CMS <= 1.0.3 (indexen.php area) Remote SQL Injection Exploit 3725 R D JosS
2008-01-16 Gradman <= 0.1.3 (agregar_info.php) Local File Inclusion Exploit 3414 R D JosS
2008-01-14 RichStrong CMS (showproduct.asp cat) Remote SQL Injection Exploit 4079 R D JosS
2008-01-13 Binn SBuilder (nid) Remote Blind SQL Injection Vulnerability 3155 R D JosS
2007-12-26 Blakord Portal <= Beta 1.3.A (all modules) SQL Injection Vulnerability 3509 R D JosS
2007-10-13 WWWISIS <= 7.1 (IsisScript) Local File Disclosure / XSS Vulnerabilities 5597 R D JosS

[ papers ]
-::DATE -::DESCRIPTION -::HITS -::AUTHOR
2008-10-07[spanish] f**king the Web Apps [LFI #1 - attack edition]3975DJosS



send all submissions to submit[at]milw0rm.com [gpg]
Videos hosted by Tradebit file hosting
Copyright © 2004-2009 milw0rm