CVE-2006-6966

phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures parameter to...

Flipper Poll v1.1.0 (poll.php) remote file include vuln

Flipper Poll v1.1.0 poll.php remote file include vuln --------------------------------------------------------------------------------- Found: Cyber-Security cyber-security.org --------------------------------------------------------------------------------- Script Download:...

Epistemon 1.0 (common.php inc_path) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Epistemon 1.0 common.php incpath Remote File Include Vulnerability =====================================================================...

Code injection

download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php...

Remote file inclusion

PHP remote file inclusion vulnerability in config.php in RPW 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the sqllanguage parameter...

RPW Config.PHP远程文件包含漏洞

RPW是一款基于PHP的WEB应用程序。 RPW不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Config.PHP'脚本对用户提交的'sqllanguage'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 RPW 1.0.2 目前没有解决方案提供 http://www.example.com/include/config.php?sqllanguage=shell.txt...

RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability

No description provided by source. | | \ | Dr Max Virus | / \ | | / / || \ / \ ------------------------------------------------------------------------------...

RPW 1.0.2 - config.php?sql_language Remote File Inclusion

RPW 1.0.2 - config.php?sqllanguage Remote File Inclusion | | \ | Dr Max Virus | / \ | | / / || \ / \ ------------------------------------------------------------------------------------------------------------------------ Script:RPW Affected Version:1.0.2...

RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability:

| | | Dr Max Virus | / | | / / || / ------------------------------------------------------------------------------------------------------------------------ Script:RPW Affected Version:1.0.2 Downlaoad&Victim:http://vlad.tepesch.free.fr/mods/rpw1.0.2.zip...

RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================= RPW 1.0.2 config.php sqllanguage Remote File Inclusion Vulnerability ======================================================================= | | \ | Dr Max Virus | / \...

RPW 1.0.2 - 'config.php?sql_language' Remote File Inclusion

| | \ | Dr Max Virus | / \ | | / / || \ / \ ------------------------------------------------------------------------------------------------------------------------ Script:RPW Affected Version:1.0.2 Downlaoad&Victim:http://vlad.tepesch.free.fr/mods/rpw1.0.2.zip...

PHPIndexPage 1.0.1 - 'config.php' Remote File Inclusion

!/usr/bin/perl phpindexpage 1.0 & 1.0.1 config.phpRemote File Include Vulnerability Bug Found : DeltahackingTEAM discovery:Dr.Pantagon & Exploitet By Dr.Pantagon Class: Remote File Include Vulnerability exemplary Exp: http://www.site.com/config.php?envincpath= Remote: Yes Type: Highly critical...

PHPIndexPage 1.0.1 - config.php Remote File Inclusion

PHPIndexPage 1.0.1 - config.php Remote File Inclusion !/usr/bin/perl phpindexpage 1.0 & 1.0.1 config.phpRemote File Include Vulnerability Bug Found : DeltahackingTEAM discovery:Dr.Pantagon & Exploitet By Dr.Pantagon Class: Remote File Include Vulnerability exemplary Exp:...

magic photo storage website Multiple Remote File Inclusion

============================ HItamputih Crew ==================== hitamputih Advisory Discovered By : IbnuSina ----------------------------------------------------------- Software: createauction Script : http://www.scriptaty.net/magic-photo-storage-website.html Method: file inclusion Thanks To :...

TorrentFlux 2.2 - 'downloaddetails.php' Local File Disclosure

Description: TorrentFlux fails to sanitise the variable "alias" in downloaddetails.php. This allows an attacker to include any file they want; the contents is displayed at in the spaces provided and the remaning data is displayed as error messages on the page. Overall Torrentflux makes it look...

TorrentFlux 2.2 - downloaddetails.php Local File Disclosure

TorrentFlux 2.2 - downloaddetails.php Local File Disclosure Description: TorrentFlux fails to sanitise the variable "alias" in downloaddetails.php. This allows an attacker to include any file they want; the contents is displayed at in the spaces provided and the remaning data is displayed as erro...

Thatware <= 0.4.6 (root_path) Remote File Include Vulnerability

No description provided by source. Thatware 0.4.6 rootpath Remote File Inclusion CreW: ToXiC Bug Found by Drago84 Source Code: http://ufpr.dl.sourceforge.net/sourceforge/thatware/thatware0.4.6.tar.gz Page Affect config.php ExP:...

TorrentFlux 2.2 Arbitrary File Creation/Overwrite/Deletion & Command Execution Vulnerablities

r0ut3r Presents... Another r0ut3r discovery! TorrentFlux 2.2 Arbitrary File Creation/Overwrite/Deletion & Command Execution Vulnerablities Software: TorrentFlux 2.2 Vendor: http://www.torrentflux.com/ Released: 2006/11/15...

torrentflux 2.2 - Arbitrary File Create/ Execute/Delete

r0ut3r Presents... Another r0ut3r discovery! TorrentFlux 2.2 Arbitrary File Creation/Overwrite/Deletion & Command Execution Vulnerablities Software: TorrentFlux 2.2 Vendor: http://www.torrentflux.com/ Released: 2006/11/15...

torrentflux 2.2 - Arbitrary File Create ExecuteDelete

torrentflux 2.2 - Arbitrary File Create ExecuteDelete r0ut3r Presents... Another r0ut3r discovery! TorrentFlux 2.2 Arbitrary File Creation/Overwrite/Deletion & Command Execution Vulnerablities Software: TorrentFlux 2.2 Vendor: http://www.torrentflux.com/ Released: 2006/11/15...