Login or Register :: Home :: Search :: Your Account :: Forums :: Waraxe Advisories :: Tools :: September 1, 2025 Menu Home Logout Discussions Forums Members List IRC chat Tools Base64 coder MD5 hash CRC32 checksum ROT13 coder SHA-1 hash URL-decoder Sql Char Encoder Affiliates y3dips ITsec Md5 Cracker User Manuals AlbumNow Content Content Sections FAQ Top Info Feedback Recommend Us Search Journal Your Account User Info Welcome, Anonymous Nickname Password (Register) Membership: Latest: MichaelSnaRe New Today: 0 New Yesterday: 0 Overall: 9144 People Online: Visitors: 134 Members: 0 Total: 134 Full disclosure Multi-Protocol Traceroute SEC Consult SA-20250728-0 :: Stored Cross-Site-Scripting in Optimizely Episerver CMS SEC Consult SA-20250807-0 :: Race Condition in Shopware Voucher Submission Insufficient Resource Allocation Limits in nopCommerce v4.10 and v4.80.3 Excel Import Functionality CSV Injection in nopcommerce v4.10 and 4.80.3 Insufficient Session Cookie Invalidation in nopCommerce v4.10and 4.80.3 Session Fixation Vulnerability in iDempiere WebUI v12.0.0.202508171158 CSV Injection in iDempiere WebUI 12.0.0.202508171158 liblcf v0.8.1 liblcf/lcf2xml: Untrusted LCF data triggers uncaught std::length_error via negative vector resize (DoS) liblcf v0.8.1 Integer Overflow in liblcf `ReadInt()` Leads to Out-of-Bounds Reads and Denial of Service Piciorgros TMO-100: Unauthorized configuration change via TFTP (CVE-2025-29617) Piciorgros TMO-100: Unauthorized log data access [tool] CRSprober iOS 18.6 - Undocumented TCC Access to Multiple Privacy Domainsvia preflight=yes Kigen eUICC issue (custom backdoor vs. FW update bug) IT Security and Insecurity Portal www.waraxe.us Forum Index Search found 15 matches HostAdmin ///224 $ But Free xD Forum:Outdated posts Posted: Sat Jul 24, 2004 9:56 am Subject: HostAdmin ///224 $ But Free xD genoxide Replies: 3 Views: 11594 Object not found! PHPnuke 7.4 FINAL Forum:PhpNuke Posted: Sat Jul 24, 2004 9:44 am Subject: PHPnuke 7.4 FINAL genoxide Replies: 3 Views: 9646 You can get 7.4 at my site www.nukescripts.info Issues concerning PHPNuke SQL Injection Forum:PhpNuke Posted: Tue Jul 20, 2004 7:57 am Subject: Issues concerning PHPNuke SQL Injection genoxide Replies: 5 Views: 14540 Its out on SF and a fix was released when the report was released http://www.nukescripts.info/modules.php?name=Forums&file=viewtopic&t=44#562 [waraxe-2004-SA#036] [Multiple security holes in PhpNuke] Forum:How to fix Posted: Sun Jul 18, 2004 5:38 pm Subject: [waraxe-2004-SA#036] [Multiple security holes in PhpNuke] genoxide Replies: 2 Views: 16378 Ok i've tested this report on nuke 6.9 and 7.3 and heres my 2 cents A1 - full path disclosure in "/modules/Search/index.php": Go to search page: http://localhost/nuke73/modules.php?name ... [waraxe-2004-SA#035] - security holes in search module Forum:How to fix Posted: Sat Jul 17, 2004 6:26 pm Subject: [waraxe-2004-SA#035] - security holes in search module genoxide Replies: 2 Views: 13404 The instory seems to be affecting only 7.* versions, i search 6.9 and it seems just right also i released http://www.nukecops.com/postt31532.html when i saw the report at SF, hope u dont mind ... new exploit: $content Forum:PhpNuke Posted: Tue Jul 13, 2004 9:05 pm Subject: new exploit: $content genoxide Replies: 7 Views: 13941 No need for irony, heh try this on a non patched phpnuke site index.php?content=%253cscript>alert%2528document.cookie);%253c/script> You will see that you are getting the cookies in a ... new exploit: $content Forum:PhpNuke Posted: Tue Jul 13, 2004 4:08 pm Subject: new exploit: $content genoxide Replies: 7 Views: 13941 Even if it's a local variable, it still can be used for XSS new exploit: $content Forum:PhpNuke Posted: Sun Jul 11, 2004 3:54 pm Subject: new exploit: $content genoxide Replies: 7 Views: 13941 I was working on my new project and i found that the $content var in several blocks doesn't get parse correctly. what i mean? Open block-Survey.php and you will see: $content .= "<form ... some fixes waraxe released. Forum:PhpNuke Posted: Fri Jul 09, 2004 9:15 am Subject: some fixes waraxe released. genoxide Replies: 2 Views: 9823 and about the $admin or $user exploits ############################################################# #--------------- Base64 sanitize by Waraxe ----------------- if(isset($admin)) ... Which is the best protection System? Forum:PhpNuke Posted: Thu Jul 08, 2004 9:43 pm Subject: Which is the best protection System? genoxide Replies: 6 Views: 12233 i agree with u, but what about new ones? -=LOGO COMPETITION!=- Forum:General discussion Posted: Thu Jul 08, 2004 9:42 pm Subject: -=LOGO COMPETITION!=- genoxide Replies: 21 Views: 41700 i've just started messing with ps so don't be 2 hard with me http://xeronet.org/uploads/genoxide/waraxe1.gif Which is the best protection System? Forum:PhpNuke Posted: Thu Jul 08, 2004 8:57 pm Subject: Which is the best protection System? genoxide Replies: 6 Views: 12233 i've sentinel (latest version) on all of my nuke sites and i didn't have any problem with it, its secure,fast and reliable New security flaws in phpnuke all versions! Forum:PhpNuke Posted: Thu Jul 08, 2004 8:56 pm Subject: New security flaws in phpnuke all versions! genoxide Replies: 13 Views: 22352 so if we replace the old if (!eregi("admin.php", $_SERVER['SCRIPT_NAME'])) { die ("Access Denied"); } or if (!eregi(" ... some fixes waraxe released. Forum:PhpNuke Posted: Thu Jul 08, 2004 8:45 pm Subject: some fixes waraxe released. genoxide Replies: 2 Views: 9823 also about the fix in the modules.php about the $name fix $modpath .= "modules/$name/".$file.".php"; if (file_exists($modpath)) { how can the 'xploi ... some fixes waraxe released. Forum:PhpNuke Posted: Thu Jul 08, 2004 8:40 pm Subject: some fixes waraxe released. genoxide Replies: 2 Views: 9823 Well i'm currently working on a new project of mine and i got cs permission to work with his fixes for phpnuke. i came across with some of the fixes waraxe made in article.php // start code fix ... Page 1 of 1 All times are GMT Select a forumSecurity Research by waraxe----------------General discussionHow to fixMetasploit relatedHash cracking requests----------------MD5 hashesAll other hashesHash related informationhttp://www.waraxe.us portal----------------SuggestionsCooperation proposalsSecurity bugs and issues in general----------------Newbies cornerSql injectionCross-site scripting aka XSSRemote file inclusionFull path disclosureShell commands injectionPhishing and Social EngineeringAll other security holesVarious software----------------PhpNukePostNukePhpBBXMB forumvBulletin BoardInvision Power Boarde107MamboJoomlaXOOPSM$ WindowsLinux worldAll other softwareCoppermine Photo GalleryProgramming languages----------------PhpMySqlPerlJavaJavascriptC and C++Visual BasicBorland Delphi and PascalPythonHTML and XMLAssemblerReverse engineering----------------Newbies cornerDisassemblingPHP script decode requestsMiscellaneous stuff----------------Future of the ITNanotechnologyFun cornerLinksTry2hack sitesProxy databaseDirect Downloads----------------ToolsTutorialsWordlistsRecycle Bin----------------Removed messagesOutdated posts Powered by phpBB © 2001-2008 phpBB Group

PCWizardHub - Helping you fix, build, and optimize your PC life
All logos and trademarks in this site are property of their respective owner. The comments and posts are property of their posters, all the rest (c) 2004-2024 Janek Vind "waraxe"
Page Generation: 0.027 Seconds