7698 matches found
A-Blog.txt
1A-Blog Remote File Include BuG FounD by Drago84 Application Affect:2A-Blog Source Code: 3http://prdownloads.sourceforge.net/a-blog/A-BlogV2.rar?download Problem: Soluction: Include in page require "mainfile.php"; Page Vulnerable : menu.php Dir : /navigate/ Exempe Of ExPloit is:...
CVE-2006-5135
Multiple PHP remote file inclusion vulnerabilities in A-Blog 2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 openbox, 2 middlebox, and 3 closebox parameters in a sources/myaccount.php; the 4 navigationend parameter in b navigation/search.php and c navigation/donation.php...
CVE-2006-5135
CVE-2006-5135 describes multiple PHP remote file inclusion vulnerabilities in A-Blog 2. An attacker can cause arbitrary PHP code execution by supplying a URL in parameters such as navigation_start, navigation_middle, and open_box/middle_box/close_box in sources/myaccount.php, navigation_end in na...
EUVD-2006-5077
PHP remote file inclusion vulnerability in navigation/menu.php in A-Blog 2 allows remote attackers to execute arbitrary PHP code via a URL in the navigationstart parameter...
CVE-2006-5092
CVE-2006-5092 and related CVEs describe PHP remote file inclusion (RFI) vulnerabilities in A-Blog 2. CVE-2006-5092 affects navigation/menu.php, allowing an attacker to trigger code execution by supplying a URL in the navigation_start parameter. CVE-2006-5135 expands to multiple RFI vectors across...
CVE-2006-5085
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...
CVE-2006-5085
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nomblog parameter, which is injected into include/variables.php...
CVE-2006-5086
Blog Pixel Motion 2.1.1 is affected. The vulnerability allows remote attackers to change the admin username and password via a direct request to insere_base.php using modified (1) login and (2) pass parameters. The original researcher claimed SQL injection, but the report notes that this is not S...
CVE-2006-5085
CVE-2006-5085 affects Blog Pixel Motion 2.1.1. The vulnerability is a static code injection in config.php where the nom_blog parameter is injected into include/variables.php, enabling remote attackers to execute arbitrary PHP code. The available connected documents confirm the affected software v...
A-Blog v2.0 Remote File Include
============================================================================================== A-Blog v2.0 Remote File Include =============================================================================================== Critical Level : Dangerous A-Blog...
A-Blog 2.0 - Multiple Remote File Inclusions
A-Blog 2.0 - Multiple Remote File Inclusions ============================================================================================== A-Blog v2.0 Remote File Include =============================================================================================== Critical Level : Dangerous...
Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
Exploit for unknown platform in category web applications ================================================================= Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit ================================================================= !/usr/bin/perl Affected.scr..: Blog Pixel...
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin
Blog Pixel Motion 2.1.1 - PHP Code Execution Create Admin !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..:...
A-Blog 2.0 Multiple Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ======================================================= A-Blog 2.0 Multiple Remote File Include Vulnerabilities =======================================================...
Blog Pixel Motion 2.1.1 - PHP Code Execution / Create Admin
!/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip Poc.link......:...
A-Blog 2.0 - Multiple Remote File Inclusions
============================================================================================== A-Blog v2.0 Remote File Include =============================================================================================== Critical Level : Dangerous A-Blog...
Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit
No description provided by source. !/usr/bin/perl Affected.scr..: Blog Pixel Motion V2.1.1 Poc.ID........: 12060927 Type..........: PHP Code Execution stripslashes, SQL Injection urldecode Risk.level....: High Vendor.Status.: Unpatched Src.download..: www.pixelmotion.org/zip/blog2.1.zip...
A-Blog 2.0 Multiple Remote File Include Vulnerabilities
No description provided by source. ============================================================================================== A-Blog v2.0 Remote File Include =============================================================================================== Critical Level : Dangerous A-Blog...
A-Blog V2 (menu.php) Remote File Include Vulnerability
No description provided by source. ToXiC A-Blog Remote File Include BuG FounD by Drago84 Application Affect:A-Blog Source Code: http://prdownloads.sourceforge.net/a-blog/A-BlogV2.rar?download Problem: ?php include "$navigationstart"; ? ?php include"$navigationmiddle"; ? Soluction: Include in page...
A-Blog V2 (menu.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ====================================================== A-Blog V2 menu.php Remote File Include Vulnerability ====================================================== ToXiC A-Blog Remote File Include BuG FounD by Drago84 Application...