CVE-2009-4623

CVE-2020-35598 (Advanced Comment System 1.0) is affected by Local File Inclusion via advanced_component_system/index.php?ACS_path=..%2f. Exploitation can lead to unauthorized file access and, per the Nuclei entry, may enable remote code execution and full system compromise. CVE-2009-4623 is relat...

CVE-2009-4623

Multiple PHP remote file inclusion vulnerabilities in Advanced Comment System 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the ACSpath parameter to 1 index.php and 2 admin.php in advancedcommentsystem/. NOTE: this might only be a vulnerability when the administrator has n...

Telepark Wiki v2.4.23 Multiple Remote Vulnerabilities

No description provided by source. Abysssec Inc Public Advisory Title : Telepark Wiki Multiple Remote Vulnerabilities Affected Version : = v2.4.23 Vendor Site : www.teamtodo.com Discovery : www.Abysssec.com Vendor contact : 8 november Vendor response : 9 november patch is available in vendor...

Advanced Comment System 1.0 - Multiple Remote File Inclusions

Advanced Comment System 1.0 - Multiple Remote File Inclusions ====================================================== Advanced comment system1.0 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...

Advanced Comment System 1.0 - Multiple Remote File Inclusions

====================================================== Advanced comment system1.0 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org ======================================================= +++++++++++++++++...

Advanced Comment System 1.0 Multiple RFI Vulnerabilities

Exploit for unknown platform in category web applications ======================================================== Advanced Comment System 1.0 Multiple RFI Vulnerabilities ======================================================== ====================================================== Advanced...

e107 Plugin my_gallery 2.4.1 readfile() Local File Disclosure Exploit

Exploit for unknown platform in category web applications ===================================================================== e107 Plugin mygallery 2.4.1 readfile Local File Disclosure Exploit ===================================================================== Web 2 XPL : File 2 Read : i...

e107 Plugin my_gallery 2.4.1 - readfile() Local File Disclosure

e107 Plugin mygallery 2.4.1 - readfile Local File Disclosure Web 2 XPL : File 2 Read : "; if $POST'xpl' $data .= "GET /$vuln$trasv$file HTTP/1.1\r\n"; $data .= "Host: $host\r\n"; $data...

e107 Plugin my_gallery 2.4.1 - 'readfile()' Local File Disclosure

Web 2 XPL : File 2 Read : "; if $POST'xpl' $data .= "GET /$vuln$trasv$file HTTP/1.1\r\n"; $data .= "Host: $host\r\n"; $data .= "C...

Ninja Blog 4.8 XSRF / XSS

Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at https://www.push55.co.uk/index.php?s=ad&id=7 ---- Due to insufficient validation of client-side data, we can inject script directly into the...

Authentication flaw

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

CVE-2008-2293

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

CVE-2008-2293

admin.php in Multi-Page Comment System MPCS 1.0 and 1.1 allows remote attackers to bypass authentication and gain privileges by setting the CommentSystemAdmin cookie to 1...

CVE-2008-2293

The CVE-2008-2293 issue affects Multi-Page Comment System (MPCS) 1.0 and 1.1, where remote attackers can bypass authentication and escalate privileges by setting the CommentSystemAdmin cookie to 1. The available sources describe an authentication bypass via a cookie manipulation, marking it as a ...

Multi-Page Comment System 1.1.0 - Insecure Cookie Handling

Multi-Page Comment System 1.1.0 - Insecure Cookie Handling --==+================================================================================+==-- --==+ Multi-Page Comment System 1.1.0 Insecure Cookie Handling +==--...

Multi-Page Comment System 1.1.0 - Insecure Cookie Handling

--==+================================================================================+==-- --==+ Multi-Page Comment System 1.1.0 Insecure Cookie Handling +==-- --==+================================================================================+==-- Discovered By: t0pP8uZz Discovered On: 15 MAY...

CVE-2006-5624

CVE-2006-5624 affects Multi-Page Comment System (MPCS) 1.0.0 and earlier. Multiple PHP remote file inclusion vulnerabilities allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to (1) include.php or (2) functions.php. Root cause: unvalidated path parameter enablin...

CVE-2006-5624

Multiple PHP remote file inclusion vulnerabilities in Multi-Page Comment System MPCS 1.0.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the path parameter to 1 include.php or 2 functions.php. NOTE: the provenance of this information is unknown; the details are...

MPCS <= 1.0 (path) Remote File Include Vulnerabilities

No description provided by source. ================================================================== Multi-Page Comment System RFI ================================================================== Info:- Scripts: Multi-Page Comment System MPCS Home: http://tpvgames.co.uk/web/mpcs/ Download:...

MPCS 1.0 - 'path' Remote File Inclusion

================================================================== Multi-Page Comment System RFI ================================================================== Info:- Scripts: Multi-Page Comment System MPCS Home: http://tpvgames.co.uk/web/mpcs/ Download:...