package main
/*
**
* Exploit Title: Joomla 1.5.x to 3.4.5 Object Injection Exploit
* Exploit Author: Khashayar Fereidani ( http://fereidani.com )
* Version: 1.5.x to 3.4.5
* CVE : CVE-2015-8562
/
Discovered by : Khashayar Fereidanis
Team Website : http://IRCRASH.COM
Team Members : Khashayar Fereidani - Sina YazdanMehr - Arash Allebrahim
English Forums : Http://IRCRASH.COM/forums/
Email : irancrash [ a t ] gmail [ d o t ] com
: http://linksysbycisco.com
Discovered by : Khashayar Fereidani
Team Website : Http://IRCRASH.COM
Team Members : Khashayar Fereidani - Sina YazdanMehr - Arash Allebrahim
English Forums : Http://IRCRASH.COM/forums/
Email : irancrash
|| Script : SMF (Simple Machine Forum) 1.1.11
|| Vulnerability Type : Active XSS ( Active Cross Site Scripting )
|| Risk : Low
|| Discovered By Khashayar Fereidani
|| http://ircrash.com http://bugtraq.ircrash.com
|| Note :
For use this vulnerability you need access to censor words panel .
#!/usr/bin/perl
###
# COMRaider Idefense Labs CreateFolder() and Copy() Insecure Method (Hard Disk
Filler Exploit)
#
# Discovered and Exploited by : Khashayar Fereidani
# Http://IRCRASH.com Http://Fereidani.ir
#
/
Discovered by : Khashayar Fereidani
My Official Website : HTTP://FEREIDANI.IR
Our Team Website : Http://IRCRASH.COM
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
Sql Injection Vulnerability
Hi ,
Attacker can bypass disable_functions mod_security safe_mode ... with
this vulnerability .
I think this is good reason !
http://fereidani.ir - Khashayar Fereidani
Website : HTTP://FEREIDANI.IR
Team Website : Http://IRCRASH.COM
Team Members : Khashayar Fereidani - Hadi Kiamarsi - Sina YazdanMehr
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
Local File Inclusion
inurl:show.php?imageid=
#
#
#
#Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
#
#My Official Website : HTTP://FEREIDANI.IR
#
#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
a.k.a. Dr.Crash
#
#My Official Website : HTTP://FEREIDANI.IR
#
#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
#
#
#
#Khashayar Fereidani Official Website : HTTP://FEREIDANI.IR
://surfnet.dl.sourceforge.net/sourceforge/nooms/nooms_1.1.zip
Discovered by : Khashayar Fereidani Or Dr.Crash
My Website : HTTP://FEREIDANI.IR
Team Website : Http://IRCRASH.COM
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
://surfnet.dl.sourceforge.net/sourceforge/mambo/MamboV4.6.2.zip
Discovered by : Khashayar Fereidani
My Website : HTTP://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
/
Discovered by : Khashayar Fereidani Or Dr.Crash
My Website : HTTP://FEREIDANI.IR
Team Website : Http://IRCRASH.COM
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
Cross Site Scripting
.tar.gz
Discovered by : Khashayar Fereidani Or Dr.Crash
My Website : HTTP://FEREIDANI.IR
Our Team Website : HTTP://IRCRASH.COM
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
/xampp-linux-1.6.7.tar.gz
Discovered by : Khashayar Fereidani Or Dr.Crash
My Website : HTTP://FEREIDANI.IR
Team Website : Http://IRCRASH.COM
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
Website : HTTP://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR
Script
Fereidani Or Dr.Crash
My Website : HTTP://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t ] com
Script Download : http://dev-wms.sourceforge.net
://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR
Script Download :
http
#
#
#
#Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
#
#My Official Website : HTTP://FEREIDANI.IR
#
#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
#
#
#
#Khashayar Fereidani Offical Website : HTTP
#
#
#
#Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
#
#My Offical Website : HTTP://FEREIDANI.IR
#
#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
#
#
#
#Khashayar Fereidani Offical Website : HTTP
://FEREIDANI.IR
Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
Khashayar Fereidani Offical Website : HTTP://FEREIDANI.IR
Script Download :
http
#
#
#
#Discovered by : Khashayar Fereidani a.k.a. Dr.Crash
#
#My Offical Website : HTTP://FEREIDANI.IR
#
#Khashayar Fereidani Email : irancrash [ a t ] gmail [ d o t] com
#
#
#
#Khashayar Fereidani Offical Website : HTTP
')/script in Text box and click (Add)
Button .
# Now Open the Url Again See xss msg
##
# Solution : Edit Source Code And Filter Variable With htmlspecialchar()
function ...
##
# Khashayar Fereidani Email : irancrash
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
With
htmlspecialchar() function ...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
IRCRASH TEAM - Http://IRCRASH.COM/
Solution : Edit Source Code And Filter Variable via htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Solution : Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Solution : Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
: God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
: God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Solution : Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Solution : Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Solution : Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Script : BlackBook v1.0
Type : Multiple XSS Vulnerabilities
Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)
: Edit Source Code And Filter Variable With htmlspecialchar() function
...
TNx : God..
Khashayar Fereidani Email : irancrash[at]gmail[dot]com
Script : vlBook 1.21 (ALL VERSION)
Type : Multiple Remote Vulnerabilities (LFI/XSS)
Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)
Script : mjguest 6.7 (ALL VERSION)
Type : Multiple Remote Vulnerabilities (XSS/REDIRECTION)
Discovered by : IRCRASH (Dr.Crash Or Khashayar Fereidani)
/pad/index.php?skin=../[FILENAME]$00
TNx : God..
Khashayar Fereidani Email : irancrash[At]Gmail.com
#
Minibb 2.2a
XSS Vulnerability
#
Datalife Engine 6.7 XSRF Vulnerability
By IRCRASH
#!/usr/bin/perl
#
EasyNews-40tr
Multiple Remote Vulnerabilities (SQL Injection Exploit/XSS/LFI)
43 matches
Mail list logo