1414 matches found
Liesbeth Base CMS - Information Disclosure
Source: https://www.securityfocus.com/bid/24749/info Liesbeth Base CMS is prone to an information-disclosure vulnerability. Exploiting this issue may allow an attacker to access sensitive information that may aid in further attacks...
evisioncms-exec.txt
#!/usr/bin/php -q -d short_open_tag=on ...need i say more? Bug 2 admin/functions.php: if (isset($_COOKIE['adminlang'])) $languageselector = $_COOKIE['adminlang']; else $languageselector = "en"; include("lang/".$languageselector.".php"); ...speaks for it self really. Bug 3 ; $sql = "SELECT stylecss FROM template...
Directory traversal
Directory traversal vulnerability in index.php in Open Solution Quick.Cart 2.2 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in an sLanguage cookie, which is used to define a value in config/general.php...
e-Vision CMS 2.02 - SQL Injection / Remote Code Execution
#!/usr/bin/php -q -d short_open_tag=on ...need i say more? Bug 2 admin/functions.php: if (isset($_COOKIE['adminlang'])) $languageselector = $_COOKIE['adminlang']; else $languageselector = "en"; include("lang/".$languageselector.".php"); ...speaks for it self really. Bug 3 ; $sql = "SELECT stylecss FROM template...
e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
Exploit for unknown platform in category web applications ================================================================ e-Vision CMS ...need i say more? Bug 2 admin/functions.php: if (isset($_COOKIE['adminlang'])) $languageselector = $_COOKIE['adminlang']; else $languageselector = "en";...
e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on <?php /* Explanation: Bug 1 admin/showimg.php: <?php $fp = fopen($_GET['img'], "r"); $img = fread($fp, filesize($_GET['img'])); fclose($fp); header("Content-type: ".$_GET['type']); echo $img; ?> ...need i say more? Bug 2 admin/functions.php: if...
CVE-2007-2647
Static code injection vulnerability in admin/adminconfiguration.php in Monalbum 0.8.7 allows remote authenticated users to inject arbitrary PHP code into the conf/config.inc.php file via the (1) gadmpass, (2) gadmuser, (3) gcfgHote, (4) gcfgPass, (5) gcfgUser, (6) gclassementrep, (7) gcontour, (8) gfond, (9)...
Original 0.11 - 'config.inc.php?x[1]' Remote File Inclusion
Original Version 0.11config.inc.php Remote File Inclusion Vulnerability D.Script: http://xanatos.glo.org.mx/bi/original-0.11.tar.bz2 Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.Com/cc Exploit:Path/inc/config.inc.php?x1=Shell Greetz To: Tryag-Team .... milw0rm.com 2007-05-10...
PHPOracleView - 'include_all.inc.php?page_dir' Remote File Inclusion
=============================== phporacleview = pagedir Remote File Inclusion Exploit =============================== Discovered By : Alkomandoz Hacker HomePage= Asb-May.Net & Mohandko.com & Sniper-sa.com & Tryag.com ================================ Script Name: phporacleview Download Script:...
CVE-2007-2001
Multiple direct static code injection vulnerabilities in admin/configurer2.php in Crea-Book 1.0 and earlier allow remote authenticated administrators to execute arbitrary PHP code via the "Fond de la page" background color field and other unspecified fields, which injects into config.inc.php3...
SQLiteManager include/config.inc.php SQLiteManager_currentTheme Cookie Local File Inclusion
Binary data 3925.prm...
CVE-2007-0573
PHP remote file inclusion vulnerability in includes/config.inc.php in nsGalPHP 0.41 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the racineTBS parameter...
PhpSherpa (include/config.inc.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ==================================================================== PhpSherpa (include/config.inc.php) Remote File Include Vulnerability ====================================================================...
Fedora Core 5 : squirrelmail-1.4.7-2.fc5 (2006-788)
Many fixes here. Please report any regressions to Red Hat Bugzilla. - 1.4.7 with CVE-2006-3174 197369 - Move sqspellconfig.php to /etc and mark it %%config(noreplace) 192236 - Reduce patch for body text 194457 - Better JP translation for 'Check mail' 196117 - Japanese zenkaku subject conversion...
CVE-2007-0100
The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows remote attackers to overwrite arbitrary files by modifying the client config file on the server, or by operating a malicious server...
Debian DSA-1242-1 : elog - several vulnerabilities
Several remote vulnerabilities have been discovered in elog, a web-based electronic logbook, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-5063 Tilman Koschnick discovered that log entry editing i...
Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ====================================================================== Pagetool CMS <= 1.07 (pt_upload.php) Remote File Include Vulnerability ====================================================================== #!/usr/bin/perl use...
ME Download System <= 1.3 (header.php) Remote Inclusion Vulnerability
No description provided by source. +-------------------------------------------------------------------- + + ME Download System 1.3 Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: ME Download System 1.3 + Vendor ............:...
Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities
No description provided by source. ====================================================================== Phpjobscheduler 3.0 - Multiple Remote File Include by Firewall Application Affect: phpjobscheduler 3.0 Source Code: http://scripts.ringsworld.com/development-tools/phpjobscheduler.v3.0.zip...