54 matches found
MySQL Commander <= 2.7 (home) Remote File Inclusion Vulnerability
No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV73$2007 ----------------------------------------------------------------------------------------- ECHOADV73$2007 MySQL Commander = 2.7 home Remote File Inclusion Vulnerability...
OES (Open Educational System) 0.1beta - Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV69$2007 ----------------------------------------------------------------------------------------- ECHOADV69$2007 OES Open Educational System 0.1beta Remote File Inclusion Vulnerability...
phpxd03-rfi.txt
| | \ | Dr Max Virus | / \ | | / / || \ / \ ------------------------------------------------------------------------------------------------------------------------ Script:phpxd Affected Version:0.3 Downlaoad:http://websec.science.uva.nl/kaper/xmlarchief/phpXD/phpxd0.3.tar.gz...
OPENi-CMS 1.0.1beta - 'config' Remote File Inclusion
Update: 22:44 09/11/06 Subject: "OPENi-CMS 1.0.1config Remote File Inclusion Vulnerability " Vulnerable version: OPENi-CMS 1.0.1 Operating System: - All OS Vendor URL: Support - [email protected] Website - http://www.openi-cms.org/ Description: Openi-CMS he one software PHP Content Management...
estateagent.txt
Aria-Security.net Advisory Discovered by: O.U.T.L.A.W Gr33t to: A.U.R.A & Hessam-X & Cl0wn & DrtRp Software: Mambo Component - EstateAgent Attack method: Source: Don't allow direct linking defined 'VALIDMOS' or die 'Direct Access to this location is not allowed.' ; requireonce $mainframe-getPath...
PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/19628/info Multiple remote file-include vulnerabilities affect the Content Management module for PHProjekt because the application fails to properly sanitize user-supplied input before using it in a PHP 'include' function call. An attacker may leverage...
Mafia Moblog <= 6 (pathtotemplate) Remote File Inclusion Vulnerability
------------------------------------------------------------------------ ------------------- Mafia Moblog pathtotemplate Remote File Inclusion ------------------------------------------------------------------------ ------------------- Author : Sh3ll Date : 2006/04/30 HomePage : http://www.sh3ll....
phpBB Advanced GuestBook addentry.php phpbb_root_path Parameter Remote File Inclusion
The remote host is running Advanced Guestbook, a free guestbook written in PHP. The version of Advanced Guestbook installed on the remote host fails to sanitize input to the 'phpbbrootpath' parameter of the 'admin/addentry.php' script before using it in a PHP 'include' function. Provided PHP's...
Design/Logic Flaw
Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the dbid parameter to visitorupload.php, as demonstrated using phpinfo and include function calls...
CVE-2006-0214
Eval injection vulnerability in ezDatabase 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the dbid parameter to visitorupload.php, as demonstrated using phpinfo and include function calls...
CodeGrrl Applications Remote File Inclusion Vulnerabilities
The remote host appears to be running at least one of the PHP applications from CodeGrrl - PHPCalendar, PHPClique, PHPFanBase, or PHPQuotes. Under certain conditions, these applications fail to sanitize input to the 'siteurl' parameter of the 'protection.php' script before using it in a PHP...
e107.pl.txt
| | | | | | |/ \ \ /\ / / | | | | \ V V / || ||/ // Security Group. -= e107 remote sploit =- by sysbug Attack method: with this sploit u can send an include vuln to a Host victim the upload go to /images/evil.php C:\Perl\binperl sploit.pl www.site.com -= e107 remote sploit =- by sysbug...
PHP 4/5 - Input/Output Wrapper Remote File Inclusion Function Command Execution
source: https://www.securityfocus.com/bid/10427/info PHP is reportedly affected by an arbitrary command-execution weakness through the PHP 'include' function. This issue is due to a design error that allows the execution of attacker-supplied POST PHP commands when URI data is used as an argument ...
pMachine.txt
Informations : °°°°°°°°°°°°° Language : PHP Version : Free 2.2.1 Website : http://www.pmachine.com Problem : Include Security Hole PHP Code/Location : °°°°°°°°°°°°°°°°°°° This will work if registerglobals is ON OR OFF. /pm/lib.inc.php : ------------------------------------------------------------...