142 matches found
dedecms v5. 1 vulnerability-the vulnerability warning-the black bar safety net
\include\incbookfunctions.php --------------------------------------------------- ...... function WriteBookText$cid,$body span id="more-1 9 4 4"/span global $cfgcmspath,$cfgbasedir; $ipath = $cfgcmspath."/ data/textdata"; $tpath = ceil$cid/5 0 0 0; if! isdir$cfgbasedir.$ ipath...
CYASK 3.x (collect.php neturl) Local File Disclosure Vulnerability
No description provided by source. This vulnerability leads to that the attacker can read any file on your webserver when it installs cyask. The $neturl variable in collect.php is short of enough check. When the attacker registers a new user, he can pass the user check and then submit any filenam...
Debian Security Advisory DSA 168-1 (PHP3, PHP4)
The remote host is missing an update to PHP3, PHP4 announced via advisory DSA 168-1. OpenVAS Vulnerability Test $Id: deb1681.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 168-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Tikiwiki CMS tiki-listmovies.php文件目录遍历漏洞
BUGTRAQ ID: 27008 TikiWiki是一款网站内容管理系统,基于PHP+ADOdb+Smarty等技术构建。 TikiWiki的实现上存在输入验证漏洞,远程攻击者可能利用此漏洞非授权访问到服务器上任意文件的部分内容。 TikiWiki的tiki-listmovies.php脚本允许用户获得任意文件的前1000个字节。该脚本将movie参数值设置为$movie,删除最后4字节并添加.xml扩展名,然后调用fopen$confFile,'r'打开文件并读取文件的前1000个字节,接着传送这1000字节用作MovieWidth和MovieHeight...
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
Design/Logic Flaw
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
CVE-2007-0448
The fopen function in PHP 5.2.0 does not properly handle invalid URI handlers, which allows context-dependent attackers to bypass safemode restrictions and read arbitrary files via a file path specified with an invalid URI, as demonstrated via the srpath URI...
CVE-2007-0448
CVE-2007-0448 : The PHP 5.2.0 fopen implementation fails to properly handle invalid URI handlers, enabling context-dependent attackers to bypass safe_mode and read arbitrary files via a path specified with an invalid URI (illustrated by the srpath URI). This is documented across multiple sources ...
PHP FOpen Safe_Mode限制绕过漏洞
PHP是一款开放源代码的网络编程语言。 PHP存在安全模式绕过问题,远程攻击者可以利用漏洞写文件到其他未授权位置,建立文件并执行。 在PHP 5.2.0中可使用写模式绕过safemode,fopen函数描述如下: - -845-845--- Code from PHP520 ext/standard/file.c START stream = phpstreamopenwrapperexfilename, mode, useincludepath ? USEPATH : 0 | ENFORCESAFEMODE | REPORTERRORS, NULL, context; -...
PHP Safe Mod protection bypass
It's possible to traverse working directory protection by using writing mode srpath://../ file prefix for fopen...
[Full-disclosure] PHP 5.2.0 safe_mode bypass (by Writing Mode)
Source: http://securityreason.com/achievementsecurityalert/44 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.2.0 safemode bypass by Writing Mode Author: Maksymilian Arciemowicz SecurityReason Date: - - Written: 02.12.2006 - - Public: 24.01.2007 SecurityAlert Id: 44 CVE: CVE-2007-0448...
phpPowerCards 2.10 (txt.inc.php) Remote Code Execution Vulnerability
No description provided by source. +------------------------------------------------------------------------------------------- + phpPowerCards 2.10 txt.inc.php Remote Code Execution Vulnerability +------------------------------------------------------------------------------------------- +...
PHPPowerCards 2.10 - txt.inc.php Remote Code Execution
PHPPowerCards 2.10 - txt.inc.php Remote Code Execution +------------------------------------------------------------------------------------------- + phpPowerCards 2.10 txt.inc.php Remote Code Execution Vulnerability...
pNews <= 1.1.0 (nbs) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ====================================================== pNews = 1.1.0 nbs Remote File Include Vulnerability ====================================================== PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews...
sendcard_340_xpl.txt
!/usr/bin/php -q -d shortopentag=on php injection\n"; echo " works against magicquotesgpc=Off\n"; echo " 2 - arbitrary remote inclusion\n"; echo " works against allowurlfopen=On\n"; echo " 3 - arbitrary local inclusion\n"; echo " works regardless of php.ini settings\n"; echo " and if you succeed ...
FreeBSD : WebCalendar -- information disclosure vulnerability (09c92f3a-fd49-11da-995c-605724cdf281)
Secunia reports : socsam has discovered a vulnerability in WebCalendar, which can be exploited by malicious people to bypass certain security restrictions and disclose sensitive information. Input passed to the 'includedir' parameter isn't properly verified, before it is used in an 'fopen' call...
DotClear <= 1.2.4 (prepend.php) Arbitrary Remote Inclusion Exploit
Exploit for unknown platform in category web applications ================================================================== DotClear = 1.2.4 prepend.php Arbitrary Remote Inclusion Exploit ================================================================== !/usr/bin/php -q -d shortopentag=on ? ech...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a userinc setting that is used in an...
CVE-2006-2762
PHP remote file inclusion vulnerability in includes/config.php in WebCalendar 1.0.3 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter, which is remotely accessed in an fopen call whose results are used to define a userinc setting that is used in an...