192 matches found
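scWiki Common.PHP Remote File Inclusion Vulnerability
scWiki is a PHP-based web application. scWiki does not properly filter user-submitted URI data, and a remote attacker can exploit the vulnerability to execute arbitrary PHP code with web server privileges. The problem is that the 'Common.PHP' script lacks filtering of the user-submitted 'pathdot' parameter; specifying an arbitrary file on a remote server as the include parameter can lead to execution of arbitrary PHP code with web server privileges. scWiki scWiki 1.0 beta 2 No detailed solution is currently available: http://sourceforge.net/projects/sc-wiki/ http://www.example.com/path/includes/common.php?pathdot=Shell...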
scWiki 1.0 Beta 2 - common.php?pathdot Remote File Inclusion
scWiki 1.0 Beta 2 - common.php?pathdot Remote File Inclusion scWiki 1.0 Beta 2 common.php pathdot Remote File Inclusion Vulnerability http://heanet.dl.sourceforge.net/sourceforge/sc-wiki/scwikibeta2.zip POC : /includes/common.php?pathdot=Shell milw0rm.com 2007-11-03...
Sql injection
Multiple SQL injection vulnerabilities in wolioCMS allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to member.php in a page action, related to a SELECT statement in common.php; and the (2) loginid parameter (uid variable), and possibly the (3) pwd parameter, to...
woliocms-sql.txt
wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net Exploit ini berhasil jika...
wolioCMS Auth Bypass / Remote SQL Injection Vulnerabilities
No description provided by source. wolioCMS - SQL Injection and Bypass Administrator Login Vendor : http://www.buton.web.id/member.php?member=anon Download : http://www.buton.web.id/download/woliocms.zip Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg @irc.dal.net...
netclassifieds-multi.txt
Application: NetClassifieds version: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
Design/Logic Flaw
NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting by imageresizer.php; and (4) vi...
NetClassifieds [multiple vulnerabilities]
Application: NetClassifieds version: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix Available: Yes...
NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== NetClassifieds SQL/XSS/Full Path Multiple Remote Vulnerabilities ================================================================== Application: NetClassifieds: -Free Editi...
NetClassifieds - SQL Injection Cross-Site Scripting Full Path
NetClassifieds - SQL Injection Cross-Site Scripting Full Path Application: NetClassifieds: -Free Edition -Standard Edition -Professional Edition -Premium Edition Web Site: http://www.scriptdevelopers.net/ Versions: all Platform: linux, windows Bug: multiple injection sql , xss , full path Fix...
tsp-admin.txt
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally 1 works for the 'admin' nickname password: The PWD you want ...
AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo " AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc2 echo "Usage: php...
livesup-admin.txt
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc2 echo "Usage: php ".$argv0." Host Path Host: target server ip/hostname Path: path of LiveSupport Example: php ".$argv0." localhost /LiveSupport/ "; die; errorreporting0;...
yaap-rfi.txt
-------------------------------------------------------------------------------- Script name.......:Yaap Affected Version.....:1.5 D.page..:http://yaap.oskbraniewo.pl/download/yaap15.tar.gz -------------------------------------------------------------------------------- Author:3l3ctric-Cracker Dr...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/common.php in Yaap 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter, possibly related to the autoload function...
CVE-2007-2664
PHP remote file inclusion vulnerability in includes/common.php in Yaap 1.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter, possibly related to the autoload function...
YAAP <= 1.5 __autoload() Remote File Inclusion Vulnerability
No description provided by source. -------------------------------------------------------------------------------- Script name.......:Yaap Affected Version.....:1.5 D.page..:http://yaap.oskbraniewo.pl/download/yaap15.tar.gz...
YAAP 1.5 - '__autoload()' Remote File Inclusion
-------------------------------------------------------------------------------- Script name.......:Yaap Affected Version.....:1.5 D.page..:http://yaap.oskbraniewo.pl/download/yaap15.tar.gz -------------------------------------------------------------------------------- Author:3l3ctric-Cracker Dr...
CVE-2007-2521
PHP remote file inclusion vulnerability in common.php in E-GADS! before 2.2.7 allows remote attackers to execute arbitrary PHP code via a URL in the locale parameter...
SaBlog-X 1.5 storm path-vulnerability warning-the black bar safety net
Source: Amxku blog www.amxku.net common.php $options['gzipcompress'] && function_exists('ob_gzhandler') ? ob_start('ob_gzhandler') : ob_start(); Changed to: $options['gzipcompress'] && function_exists('ob_gzhandler') ? @ob_start('ob_gzhandler') : ob_start(); Discuz! seems to have had such problems before...