33 matches found
Code injection
Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attackers to inject arbitrary PHP code into 1 a score.txt file via the score parameter, or 2 a setby.txt file via a login cookie, which is then included by games.php. NOTE: programs that use games.php...
CVE-2007-3587
MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php...
CVE-2007-3586
Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attackers to inject arbitrary PHP code into 1 a score.txt file via the score parameter, or 2 a setby.txt file via a login cookie, which is then included by games.php. NOTE: programs that use games.php...
CVE-2007-3585
PHP remote file inclusion vulnerability in games.php in MyCMS 0.9.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the id parameter...
CVE-2007-3587
CVE-2007-3587 affects MyCMS 0.9.8 and earlier. The vulnerability allows remote attackers to gain privileges by exploiting the admin cookie parameter, demonstrated via a POST to admin/settings.php that injects PHP code into settings.inc, which can then be executed by requesting index.php. This des...
CVE-2007-3586
CVE-2007-3586 affects MyCMS 0.9.8 and earlier. Multiple direct static code injection vulnerabilities allow remote attackers to inject arbitrary PHP into (1) _score.txt via the score parameter, or (2) _setby.txt via a login cookie, which is then included by games.php. The description notes that pr...
CVE-2007-3585
CVE-2007-3585 describes a PHP remote file inclusion in the MyCMS web application (versions 0.9.8 and earlier). The vulnerability occurs in the games.php component, where an attacker can supply a URL in the id parameter to cause the system to include and execute arbitrary PHP code on the server. T...
MyCMS <= 0.9.8 Remote Command Execution Exploit (2 method)
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo " MyCMS = 0.9.8 Remote Command Execution Exploit 2 method by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc3 echo "Usage: php...
MyCMS 0.9.8 - Remote Command Execution (2)
MyCMS 0.9.8 - Remote Command Execution 2 !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h =...
MyCMS <= 0.9.8 Remote Command Execution Exploit
Exploit for unknown platform in category web applications =============================================== MyCMS 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0;...
MyCMS <= 0.9.8 Remote Command Execution Exploit (2 method)
Exploit for unknown platform in category web applications ========================================================== MyCMS No new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or...
MyCMS 0.9.8 - Remote Command Execution (2)
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...
MyCMS 0.9.8 - Remote Command Execution (1)
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n";...