1015 matches found
phpCMS 1.2.2 - 'file' Remote File Disclosure
Digital Security Research Group DSecRG Advisory DSECRG-08-005 Application: phpCMS Versions Affected: 1.2.2 Vendor URL: http://www.phpcms.de Bug: Remote File Disclosure, Get admin password Exploits: YES Reported: 10.01.2008 Vendor response: 12.01.2008 Date of Public Advisory: 29.01.2008 Authors:...
phpMyClub 0.0.1 (page_courante) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications. phpMyClub 0.0.1 (page_courante) Local File Inclusion Vulnerability. phpMyClub Local File Inclusion...
CVE-2008-0455
Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary web script or HTML by...
PT-2008-2087 · Apache +2 · Apache Http Server +2
Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 1.3.39 and earlier, 2.0.61 and earlier, 2.2.6 and earlier. Description: A cross-site scripting (XSS) issue exists in the mod_negotiation module, allowing remote authenticated users to inject arbitrary web script or HT...
Debian Security Advisory DSA 1125-1 (drupal)
The remote host is missing an update to drupal announced via advisory DSA 1125-1. Several remote vulnerabilities have been discovered in the Drupal web site platform, which may lead to the execution of arbitrary web script. The Common Vulnerabilities and Exposures project identifies the following...
Apache 2.2.6 (Windows) - Share PHP File Extension Mapping Information Disclosure
source: https://www.securityfocus.com/bid/26939/info Apache is prone to an information-disclosure vulnerability. This issue occurs because Apache fails to properly associate file extensions with the correct engines when handling specially crafted requests for files on Windows SMB shares. Attacker...
Uber Uploader <= 5.3.6 Remote File Upload Vulnerability
Uber Uploader <= 5.3.6 Remote File Upload Vulnerability Download: http://sourceforge.net/projects/uber-uploader Bug found by JosS / Jose Luis Góngora Fernández Contact: sys-projectathotmail.com Spanish Hackers Team www.spanish-hackers.com /server irc.freenode.net /join fullsecure .vuln/ There isn'...
Directory traversal
c32web.exe in McMurtrey/Whitaker Cart32 before 6.4 allows remote attackers to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might b...
Design/Logic Flaw
epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...
CVE-2007-4026
epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...
CVE-2007-4026
CVE-2007-4026 affects the Epesi framework prior to 0.8.6. The issue: improper verification of file extensions during the gallery images upload feature, enabling remote attackers to upload and execute arbitrary PHP code via unspecified vectors. Documents do not provide explicit exploit steps or af...
Ray Chi-news publishing system (any version) exploit - vulnerability warning - the black bar safety net
Copyright belongs to the vulnerability discoverer focn; if you reproduce this article, please keep it intact and indicate the source! This article is for study only; I bear no responsibility for anyone who uses it for any illegal purpose! Author: black radish System: ray Chi press release...
GLSA-200705-16 : PhpWiki: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200705-16 PhpWiki: Remote execution of arbitrary code Harold Hallikainen has reported that the Upload page fails to properly check the extension of a file. Impact : A remote attacker could upload a specially crafted PHP file to th...
Analysis upload vulnerability-vulnerability warning-the black bar safety net
This article sent to the hacker line of Defense of 2006.4 period, reproduced please indicate the Analysis upload vulnerability in the form English / the loneliness of the hedgehog In a brief introduction through the injection vulnerability check and fill, following the coupling re-introduce a...
Microsoft Windows fails to properly handle malformed OLE documents
Overview A vulnerability exists in a Microsoft Windows library that is used to handle OLE documents. The complete impact of this vulnerability is not clear, but may include the execution of arbitrary code as well as a denial of service. Description Microsoft OLE documents include summary...
Microsoft Word fails to properly handle malformed strings
Overview A vulnerability in the way Microsoft Word handles malformed Word Document streams could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a memory corruption vulnerability that could be triggered when Word opens...
MS Interactive Training .cbo Overflow
MS Interactive Training .cbo Overflow. MS Bulletin posted: http://www.microsoft.com/technet/security/bulletin/MS07-005.mspx Affected Software: Microsoft Windows 2000, Microsoft Windows XP, Microsoft Windows...
CVE-2006-4581
Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts...
DansGuardian Hex-Encoded File Extension URI Content Filter Bypass Vulnerability Exploit
No description provided by source. Rubén Molina ([email protected]) provided the following test method: use the following extensions: http://server/file.%65%78%65 or http://server/file%2eexe...
dc-arbitrary.txt
-061124b- deV!Lz Clanportal - Arbitrary File Upload. SYNOPSIS - access: remote, severity: high - deV!Lz Clanportal allows nearly arbitrary files to be uploaded and stored on the server's filesystem, which enables anyone, even without a user account, to upload...