6483 matches found
MyPBS SQL Injection Exploit
!/usr/bin/perl Coded by Piker pikerdotther00tatgmaildotcom D.O.M Team piker,ka0x,an0de,xarnuz 2008 Security Researchers MyPBS Remote SQL Injection Exploit This exploit tries to read an arbitrary file. piker@domlabs:/advisories$ perl mypbs.pl http://localhost/mypbs /etc/passwd + File HEX:...
Free Articles Directory Remote File Inclusion Vulnerability
The remote web server contains a PHP application that is affected by a remote file include vulnerability. Description : The remote host is running Free Articles Directory, a CMS written in PHP. The installed version of Free Articles Directory fails to sanitize user input to the 'page' parameter i...
SECOBJADV-2008-05: Symantec Veritas Storage Foundation Arbitrary File Read Vulnerability
Security Objectives Advisory SECOBJADV-2008-05: Veritas Storage Foundation Arbitrary File Read Vulnerability...
geccBBlite 2.0 (leggi.php id) Remote SQL Injection Exploit
No description provided by source. !/usr/bin/perl Coded by Piker pikerdotther00tatgmaildotcom D.O.M Team piker,ka0x,an0de,xarnuz 2008 Security Researchers geccBBlite Forums SQL Injection Exploit This exploit tries to read an arbitrary file. piker@domlabs:/advisories$ perl geccBB.pl...
geccBBlite 2.0 - 'id' SQL Injection
!/usr/bin/perl Coded by Piker pikerdotther00tatgmaildotcom D.O.M Team piker,ka0x,an0de,xarnuz 2008 Security Researchers geccBBlite Forums SQL Injection Exploit This exploit tries to read an arbitrary file. piker@domlabs:/advisories$ perl geccBB.pl http://localhost/geccBB /etc/passwd + Prefix:...
geccBBlite 2.0 - id SQL Injection
!/usr/bin/perl Coded by Piker pikerdotther00tatgmaildotcom D.O.M Team piker,ka0x,an0de,xarnuz 2008 Security Researchers geccBBlite Forums SQL Injection Exploit This exploit tries to read an arbitrary file. piker@domlabs:/advisories$ perl geccBB.pl...
Php168 Arbitrary File Read Vulnerability
Code: ..job.php Line:117 if eregi".php",$url die"ERR"; $fileurl=strreplace$webdbwwwurl,"",$url; ifisfilePHP168PATH."$fileurl"&&filesizePHP168PATH."$fileurl"10241024500 $filename=basename$fileurl; $filetype=substrstrrchr$filename,'.',1; $filename=pregreplace"/\d+200\d+^+.^.+/is","\3",$filename;...
Directory traversal
Multiple directory traversal vulnerabilities in view/index.php in CMS Mini 0.2.2 allow remote attackers to read arbitrary local files via a .. (dot dot) in the (1) path and (2) p parameter...
CVE-2008-2004
The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted...
CVE-2008-1924
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable...
CVE-2008-1857
Multiple directory traversal vulnerabilities in viewsource.php in Make our Life Easy Mole 2.1.0 allow remote attackers to read arbitrary files via directory traversal sequences in the (1) dirn and (2) fname parameters...
CVE-2008-1643
CVE-2008-1643 describes a directory traversal vulnerability in LANDesk Management Suite (LDMS)’s PXE TFTP Service (PXEMTFTP.exe). Affected versions are LDMS 8.7 SP5 and earlier and 8.8. The flaw allows remote attackers to read arbitrary files via unspecified vectors in the PXE TFTP service. The a...
CVE-2008-0926
CVE-2008-0926 affects Novell eDirectory’s eMBox SOAP interface, where client-side authentication can be bypassed via requests to /SOAP URIs. This enables either read access to files or a denial of service (daemon shutdown). Affected products include eDirectory 8.7.3.9 and earlier, and 8.8.x befor...
CVE-2007-4850
curl/interface.c in the cURL library (aka libcurl) in PHP 5.2.4 and 5.2.5 allows context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files via a file:// request containing a \x00 sequence, a different vulnerability than CVE-2006-2563...
CVE-2008-0333
Directory traversal vulnerability in download_view_attachment.aspx in AfterLogic MailBee WebMail Pro 4.1 for ASP.NET allows remote attackers to read arbitrary files via a .. (dot dot) in the temp_filename parameter...
PT-2008-1966 · Afterlogic +1 · Afterlogic Mailbee Webmail Pro +1
Name of the Vulnerable Software and Affected Versions: AfterLogic MailBee WebMail Pro version 4.1 for ASP.NET Description: The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the download_view_attachment.aspx file. This is achieved by using a...
CVE-2008-0140
CVE-2008-0140 affects Uebimiau Webmail 2.7.10 and 2.7.2, where a directory traversal vulnerability in error.php allows remote authenticated users to read arbitrary files via a .. in the selected_theme parameter. This is a separate vector from CVE-2007-3172. The connected sources confirm the affec...
CVE-2003-1427
Affected product: Netgear FM114P (firmware 1.4) web configuration interface. Vulnerability: Directory traversal via a hex-encoded (../../ )../ in the port parameter, allowing remote attackers to read arbitrary files (e.g., netgear.cfg). Root cause: Insufficient validation of the port parameter en...
CVE-2007-4820
Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter...
CVE-2007-3332
The CVE-2007-3332 entry concerns a directory traversal in Satellite.php of Satel Lite for PhpNuke, allowing remote attackers to read arbitrary files via a .. sequence in the name parameter used by a modload action. Affected component: Satellite.php in Satel Lite for PhpNuke. Root cause: improper ...