CVE Certified
GHDB

Google Hacking Database

Advisories and Vulnerabilities

These searches locate vulnerable servers. These searches are often generated from various security advisory posts, and in many cases are product or version-specific.

DATE Title Summary
2006-04-15 inurl:sysinfo.cgi ext:cgi dork:inurl:sysinfo.cgi ext:cgi exploit: http://www.milw0rm.com/exploits/1677 I found this comma...
2006-04-15 inurl:"extras/update.php" intext:mysql.p... this is an osCommerce dork:inurl:"extras/update.php" intext:mysql.php -display or mor...
2006-04-10 "powered by phplist" | inurl:"lists... this is for PHPList 2.10.2 arbitrary local inclusion, discovered by me:advisory/poc exploit: ht...
2006-04-10 intitle:PHPOpenChat inurl:"index.php?language... exploit:http://retrogod.altervista.org/phpopenchat_30x_sql_xpl.htmlalso, information disclosure...
2006-04-10 inurl:server.php ext:php intext:"No SQL"... vulnerabilitydiscovered by Secunia, quick reference:http://www.securityfocus.com/bid/16187an ex...
2006-04-10 intext:"2000-2001 The phpHeaven Team" -s... intext:"2000-2001 The phpHeaven Team" -sourceforge this is for PHPMyChat remote comma...
2006-04-05 "2004-2005 ReloadCMS Team." this is for ReloadCMS ...
2006-04-05 intext:"2000-2001 The phpHeaven Team" -s... this is the dork for PHPMyChat ...
2006-03-30 "PhpCollab . Log In" | "NetOffice .... this is for PhpCollab 2.x / NetOffice 2.x sql injectionhttp://retrogod.altervista.org/phpcollab...
2006-03-30 "powered by claroline" -demo this is for Claroline e-learning platform ...
2006-03-28 inurl:*.exe ext:exe inurl:/*cgi*/ a cgi-bin executables xss/html injection miscellanea:some examples:inurl:keycgi.exe ext:exe inu...
2006-03-28 "Powered by XHP CMS" -ihackstuff -exploi... tested version: 0.5 without to have admin rights, you can go to: http://[target]/path_to_xhp_cm...
2006-03-28 "powered by guestbook script" -ihackstuf... poc exploit & explaination: http://retrogod.altervista.org/gbs_17_xpl_pl.html...
2006-03-28 "powered by php icalendar" -ihackstuff -... this is for php iCalendar ...
2006-03-28 intext:"powered by gcards" -ihackstuff -... this is for gcards ...
2006-03-28 intext:"Powered by Plogger!" -plogger.or... explaination & exploit: http://retrogod.altervista.org/plogger_b21_sql_xpl.html...
2006-03-28 WEBalbum 2004-2006 duda -ihackstuff -exploit dork: WEBalbum 2004-2006 duda -ihackstuff -exploitsoftware site: http://www.web-album.org/ advi...
2006-02-28 intitle:admbook intitle:version filetype:php intitle:admbook intitle:version filetype:php tested version: 1.2.2, you can inject php code in ...
2006-02-28 intext:"Powered By Geeklog" -geeklog.net dork: intext:"Powered By Geeklog" -geeklog.net this is for the vulnerability discover...
2006-02-28 "powered by 4images" this is for 4images ...