PHP AMX 0.90 - pluginsmain.php Remote File Inclusion

PHP AMX 0.90 - pluginsmain.php Remote File Inclusion phpamx 0.90 Class: Remote|Local File Include Vulnerability Patch: Unavailable Published 2006/10/18 Remote: Yes Local: No Type: High Site: http://sourceforge.net/projects/phpamx/ Author: MP Contact: [email protected] Vuln Code...

PHPRecipeBook <= 2.35 (g_rb_basedir) Remote File Include Exploit

Exploit for unknown platform in category web applications ================================================================ PHPRecipeBook = 2.35 grbbasedir Remote File Include Exploit ================================================================ !/usr/bin/perl PHPRecipeBook 2.36 Class: Remote...

Boonex Dolphin &lt;= 5.2 index.php Remote Code Execution Exploit

No description provided by source. !/usr/bin/php ?php / Boonex Dolphin 5.2 Remote Command Execution / File Inclusion Vulnerability Note: Requires register globals to be on, and magic quotes gpc to be off. Usage: php script.php host path command Usage Example: php script.php domain.com /dolphin/...

Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution

Comdev One Admin 4.1 - Adminfoot.php Remote Code Execution !/usr/bin/php //oneadmin/adminfoot.php?pathdocroot= Googledork: inurl:/oneadmin/ w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path command\n Usage Example: php $argv0 domain.com /dolphin/ whoami\n"; function send$host, $pu...

Boonex Dolphin 5.2 - index.php Remote Code Execution

Boonex Dolphin 5.2 - index.php Remote Code Execution !/usr/bin/php //templates/tmpldfl/scripts/index.php?dirinc= w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path command\n Usage Example: php $argv0 domain.com /dolphin/ whoami\n"; function send$host, $put global $data; $conn =...

Comdev One Admin 4.1 - &#039;Adminfoot.php&#039; Remote Code Execution

!/usr/bin/php //oneadmin/adminfoot.php?pathdocroot= Googledork: inurl:/oneadmin/ w4ck1ng - w4ck1ng.com / if!$argv3 die"Usage: php $argv0 host path command\n Usage Example: php $argv0 domain.com /dolphin/ whoami\n"; function send$host, $put global $data; $conn = fsockopen gethostbyname$host,"80" ;...

[Full-disclosure] MHL-2006-002 Public Advisory: &quot;Call-Center-Software&quot; Multiple Security Issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MHL-2006-002 - Public Advisory +-----------------------------------------------------------+ | Call-Center-Software Multiple Security Issues | +-----------------------------------------------------------+ PUBLISHED ON October 11th, 2006 PUBLISHED AT...

CVE-2006-4823

PHP remote file inclusion vulnerability in scripts/newspage.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter...

CVE-2006-4835

Bluview Blue Magic Board BMB aka BMForum 5.5 allows remote attackers to obtain sensitive information via a direct request to 1 footer.php, 2 header.php, 3 dbmysqlerror.php, 4 langlist.php, 5 sendmail.php, or 6 style.php, which reveals the path in various error messages...

CVE-2006-4823

PHP remote file inclusion vulnerability in scripts/newspage.php in Reamday Enterprises Magic News Pro 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter...

CVE-2006-4835

Bluview Blue Magic Board BMB aka BMForum 5.5 allows remote attackers to obtain sensitive information via a direct request to 1 footer.php, 2 header.php, 3 dbmysqlerror.php, 4 langlist.php, 5 sendmail.php, or 6 style.php, which reveals the path in various error messages...

CVE-2006-4823

CVE-2006-4823 is a PHP remote file inclusion vulnerability in the Reamday Enterprises Magic News Pro 1.0.3 and earlier . The flaw allows an attacker to execute arbitrary PHP code via a URL supplied in the script_path parameter, enabling remote code execution. The connected NVD entries confirm the...

CVE-2006-4835

The CVE-2006-4835 entry affects Bluview Blue Magic Board (BMB)/BMForum version 5.5. The issue allows remote attackers to obtain sensitive information through direct requests to several PHP scripts (footer.php, header.php, db_mysql_error.php, langlist.php, sendmail.php, style.php). Error messages ...

Fullpath disclosure in Blue Magic Board 5.5

Blue Magic Board BMB is nice forum system written by http://bmforum.com Some file error and show fullpath. I test newest version, maybe all older versions are infected. http://domain.ext/bmbpath/footer.php http://domain.ext/bmbpath/header.php http://domain.ext/bmbpath/include/db/dbmysqlerror.php...

Magic News Pro <= 1.0.3 (script_path) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ======================================================================= Magic News Pro 1.0.3 scriptpath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi...

Magic News Pro &lt;= 1.0.3 (script_path) Remote File Include Vulnerability

No description provided by source. ==================================================================== Magic News Pro = 1.0.3 scriptpath Remote File Inclusion Exploit ==================================================================== Critical Level : Dangerous By Saudi Hackrz...

CCleague Pro 1.0.1RC1 - &#039;cookie&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:...

PHP-Proxima 6.0 - &#039;BB_Smilies.php&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/19840/info PHP-Proxima is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary local files from the vulnerable system in the context of the...

pHNews alpha 1 - &#039;templates_dir&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:...

phpGroupWare <= 0.9.16.010 GLOBALS[] Remote Code Execution Exploit

Exploit for unknown platform in category web applications ================================================================== phpGroupWare calendar/inc/class.holidaycalc.inc.php line 14-33: .... / $Id: class.holidaycalc.inc.php,v 1.5 2001/08/26 12:32:28 skeeter Exp $ / if...