McGallery 0.5b - 'download.php' Arbitrary File Download
Piker McGallery 0.5b Arbitrary File Download Vulnerability Affected software: McGallery 0.5b Vendor: http://sourceforge.net/projects/mcgallery/ Dork: allintitle: "MCgallery 0.5b" http://target/path/download.php?filename=main.php Found by Piker The Am0s Team Greetz: KX-T33, kakalake, nAzGuL, Putus...
Directory traversal
Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
CVE-2007-1100
CVE-2007-1100 describes a directory traversal vulnerability in Ahmet Sacan's Pickle project (before 20070301). The flaw resides in download.php, where an attacker can supply a crafted file parameter containing ".." to cause arbitrary local file disclosure. Affected component: Pickle (Ah...
CVE-2007-1100
Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
Pickle 0.3 - download.php Local File Inclusion
Pickle 0.3 - download.php Local File Inclusion source: https://www.securityfocus.com/bid/22703/info picKLE is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...
CVE-2007-0620
download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php...
FD Script 1.3.2 - download.php Remote File Disclosure
FD Script 1.3.2 - download.php Remote File Disclosure Title : FdScript = v1.3.2 Remote File Disclosure Vulnerability Author : ajann Contact : : Site : http://stud.usv.ro/vladl/ $$ : Free SOURCE--------------------------------------------------------- http://target/path//download.php?fname=SOURCE...
Directory traversal
download.php in Joonas Viljanen JV2 Folder Gallery allows remote attackers to read sensitive files via a relative pathname in the file parameter, as demonstrated by config/gallerysetup.php. NOTE: this issue might be resultant from a directory traversal vulnerability...
CVE-2007-0329
CVE-2007-0329 affects the JV2 Folder Gallery (download.php) where a relative pathname in the file parameter enables directory traversal to read sensitive files (as shown by config/gallerysetup.php). Root cause is a path handling flaw; exploitation details are not provided in the supplied document...
JV2 Folder Gallery 3.0 - download.php Remote File Disclosure
JV2 Folder Gallery 3.0 - download.php Remote File Disclosure / Script Name :JV2 Folder Gallery Script site :www.jv2.net Discovered by :SaO Exploit Coded by :PeTrO Credits To soulreaver,Kuz3y Compile: Visual C++ or DevC++ / #include ... #include ... #include ... #pragma comment(lib, "ws2_32.lib") int main(int argc, ch...
SZEWO PhpCommander Download.PHP Local File Inclusion Vulnerability
SZEWO PhpCommander is a PHP-based web application. SZEWO PhpCommander does not properly filter user-submitted URI data; a remote attacker can exploit the vulnerability to view the contents of system files with the privileges of the web process. The problem is that the 'Download.PHP' script does not filter user-submitted web parameters: submitting parameter data containing multiple "../" sequences bypasses the web root restriction and allows reading system file contents with the privileges of the web process. SZEWO PhpCommander 3.0 http://www.szewo.com/php/commander/eng/ !/usr/bin/php -q -d short_open_tag=on $devilteam...
Sisfo Kampus 0.8 - Remote File Inclusion / Download
Source Code = Sisfokampus 0.8 Website = www.Sisfokampus.net Author = E. Setio Dewo [email protected] Dorkz : Allinurl: /index.php?exec= File Vuln : index.php print.php download.php Local File Include Found by : Wawan Firmansyah a.k.a Ang|n [email protected] Source of index.php...
16 HTTP Upload Tool (download.php) Information Disclosure Vulnerability
No description provided by source. Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sanity checking on the...
HTTP Upload Tool - download.php Information Disclosure
HTTP Upload Tool - download.php Information Disclosure Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sani...
HTTP Upload Tool - 'download.php' Information Disclosure
Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sanity checking on the file being requested. This allows an...
CVE-2006-4794
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.5 allow remote attackers to inject arbitrary web script or HTML via the query string (PATH_INFO) in (1) contact.php, (2) download.php, (3) admin.php, (4) fpw.php, (5) news.php, (6) search.php, (7) signup.php, (8) submitnews.php, and (9) user.php. NOTE: the...
CVE-2006-4757
Multiple SQL injection vulnerabilities in the admin section in e107 0.7.5 allow remote authenticated administrative users to execute arbitrary SQL commands via the (1) linkopentype, (2) linkrender, (3) linkclass, and (4) linkid parameters in (a) links.php; the (5) searchquery parameter in (b) users.php; and th...
Sql injections in e107 [Admin section]
Hi, There are several sql injections in e107 0.7.5 admin section : (I) The "linkopentype", "linkrender" and "linkclass" parameters are passed to "dbInsert" function without checking : File /e107admin/links.php, Line 496 : $sql->dbInsert("links", "0, '$linkname', '$linkurl', '$linkdescription',...
Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion
The remote host is running the phpBB component for Mambo, a web-based bulletin board. The version of the phpBB component for Mambo installed on the remote host fails to sanitize input to the 'phpbb_root_path' parameter of the 'download.php' and other scripts before using it to include PHP code...