Lucene search

9 matches found

seebug.org
added 2014/07/01 12:00 a.m., 359 views

PHPizabi 0.848b - C1 HFP1 Remote Privilege Escalation Vulnerability

No description provided by source. PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation, php.ini independent, by Nine:Situations:Group::bookoo...

AI score: 7.1
Exploits: 0

exploitpack
added 2009/03/25 12:00 a.m., 105 views

PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload

PHPizabi is prone to a vulnerability that lets remote attackers upload and execute...

AI score: 0.3
Exploits: 0

Exploit DB
added 2009/03/24 12:00 a.m., 101 views

PHPizabi 0.8 - 'notepad_body' SQL Injection

source: https://www.securityfocus.com/bid/34223/info PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data...

AI score: 7
Exploits: 0

exploitpack
added 2009/03/23 12:00 a.m., 1111 views

PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution

#!/usr/bin/php <?php /* Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires register_globals = on. I saw the GLOBAL...

CVSS: 9.3, AI score: 6.9, EPSS: 0.04627
Exploits: 7

Prion
added 2008/08/20 4:41 p.m., 90 views

Directory traversal

Directory traversal vulnerability in index.php in PHPizabi 0.848b C1 HFP3 allows remote authenticated administrators to read arbitrary files via (1) a .. (dot dot), (2) a URL, or possibly (3) a full pathname in the id parameter in an admin.templates.edittemplate action. NOTE: some of these details are...

CVSS: 6.3, AI score: 7.2, EPSS: 0.03816
Exploits: 1, References: 5, Affected Software: 1

Prion
added 2008/04/30 1:07 a.m., 104 views

Code injection

The AssignUser function in template.class.php in PHPizabi 0.848b C1 HFP3 performs unsafe macro expansions on strings delimited by '' and '' characters, which allows remote authenticated users to obtain sensitive information via a comment containing a macro, as demonstrated by a "user.password"...

CVSS: 4, AI score: 6.2, EPSS: 0.04377
Exploits: 0, References: 3, Affected Software: 1

Packet Storm
added 2008/04/28 12:00 a.m., 137 views

phpizabi-disclose.txt

PHPizabi v0.848b C1 HFP3 database information exposure. I would like to state that I am in no way responsible for how this information is used. It is just that, information and is...

AI score: 7.4
Exploits: 0

0day.today
added 2008/04/26 12:00 a.m., 27609 views

PHPizabi v0.848b C1 HFP3 Database Information Disclosure Vuln

Exploit for unknown platform in category web applications. PHPizabi v0.848b C1 HFP3 Database Information Disclosure Vuln...

AI score: 7.1
Exploits: 0

Prion
added 2008/02/19 12:00 a.m., 32 views

Unrestricted file upload

Unrestricted file upload vulnerability in image.php in PHPizabi 0.848b C1 HFP1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension from the event page, then accessing it via a direct request to the file in system/cache/pictures...

CVSS: 9.3, AI score: 8.2, EPSS: 0.10148
Exploits: 0, References: 3, Affected Software: 1