Lucene search
+L

343 matches found

rdot
rdot
added 2010/07/18 12:0 a.m.19 views

Особенности реализации PHP include.

Особенности реализации PHP Include. Введение. В данной заметке, я попытался объединить в одном месте все фичи, найденные в последнее время и позволяющие повысить эффективность атаки на основе PHP Include. Основы. Внедрение PHP-кода PHP Include — это уязвимость, заключающаяся в возможности внедрен...

7.3AI score
Exploits0
zdt
zdt
added 2009/11/25 12:0 a.m.29 views

OpenCSP Multiple Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================== OpenCSP Multiple Remote File Include Vulnerability ==================================================...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2009/10/30 12:0 a.m.48 views

Mambo Cache_Lite Class mosConfig_absolute_path Remote File Inclusion

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' class Metasploit3 'Mambo...

6.8CVSS0.3AI score0.18401EPSS
Exploits8
packetstorm
packetstorm
added 2009/03/26 12:0 a.m.21 views

Acute Control Panel 1.0.0 RFI / SQL Injection

Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- -----------------------------------------------------------...

0.6AI score
Exploits0
zdt
zdt
added 2007/10/29 12:0 a.m.34 views

MySpace Resource Script (MSRS) 1.21 RFI Vulnerability

Exploit for unknown platform in category web applications ===================================================== MySpace Resource Script MSRS 1.21 RFI Vulnerability ===================================================== MSRS v.1.21 Remote File Inclusion Author Site : http://www.myspacepros.com/ POC...

7.1AI score
Exploits0
packetstorm
packetstorm
added 2007/10/23 12:0 a.m.27 views

reloadcms-lfi.txt

New Advisory: ReloadCMS http://reloadcms.com ——————–Summary—————- Software: ReloadCMS Sowtware’s Web Site: http://reloadcms.com/main/ Versions: 1.2.7 Critical Level: Moderate Type: Multiple Vulnerabilities Class: Remote Status: Unpatched PoC/Exploit: Available Solution: Not Available Discovered b...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.69 views

ISS Proventia Appliance multiple security vulnerabilities

SSH user accounts detection, crossite scripting, PHP include, protection bypass...

2.2AI score
Exploits0References1
exploitdb
exploitdb
added 2006/12/26 12:0 a.m.19 views

Luckybot 3 - 'DIR' Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/21765/info Multiple remote file-include vulnerabilities affect Luckybot because the application fails to properly sanitize user-supplied input before using it in a PHP 'include' function call. An attacker may leverage these issues to execute arbitrary...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/08/21 12:0 a.m.25 views

PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/19628/info Multiple remote file-include vulnerabilities affect the Content Management module for PHProjekt because the application fails to properly sanitize user-supplied input before using it in a PHP 'include' function call. An attacker may leverage...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2006/08/21 12:0 a.m.28 views

Headline Portal Engine 0.x/1.0 - 'HPEInc' Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/19663/info Multiple remote file-include vulnerabilities affect HPE because the application fails to properly sanitize user-supplied input before using it in a PHP 'include' function call. An attacker may leverage these issues to execute arbitrary...

7.4AI score
Exploits0
nessus
nessus
added 2006/05/25 12:0 a.m.23 views

Nucleus CMS < 3.23 PLUGINADMIN.php DIR_LIBS Parameter Remote File Inclusion

Binary data 3633.prm...

5.1CVSS7.3AI score0.07071EPSS
Exploits1References3
nessus
nessus
added 2006/05/23 12:0 a.m.255 views

phpwcms spaw_control.class.php spaw_root Parameter Remote File Inclusion

The remote host is running phpwcms, an open source content management system written in PHP. The version of phpwcms installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter before using it in PHP include functions in the...

2.6CVSS6.1AI score0.01649EPSS
Exploits1References2
nessus
nessus
added 2005/11/16 12:0 a.m.62 views

XOOPS xoopsConfig[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl)

The remote installation of XOOPS fails to sanitize user-supplied input to the 'xoopsConfiglanguage' parameter of several xoopseditor scripts before using it in PHP 'include' functions. An unauthenticated attacker may be able to leverage these issues to read arbitrary local files and even execute...

6.4CVSS5.9AI score0.01724EPSS
Exploits1References2
packetstorm
packetstorm
added 2005/02/25 12:0 a.m.40 views

pmachineExec.txt

This is a multi-part message in MIME format. ------=NextPart000000001C516AC.9C269F50 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2005/02/20 12:0 a.m.58 views

[Full-Disclosure] pMachine Pro / pMachine Free Remote Code Execution

pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most flexible & creative on-line publishing tools available. With PMachine you can publish any kind of web content - from a basic weblog to an advanced, interactive...

1.4AI score
Exploits0
securityvulns
securityvulns
added 2004/06/04 12:0 a.m.73 views

PHP Include Exploit in Mail Manage EX v3.1.8 and maybe others.

Description: PHP Include Exploit in Mail Manage EX v3.1.8 Compromise: a malicious PHP script from an external host may be included and executed. Vulnerable Systems: all system using mmex.php v3.1.8 and maybe lower not tested. Details: The PHP Include exploit exist in de folowing code,...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/07/11 12:0 a.m.39 views

PHP-Include-Hack-Possibility in phpforum 2 RC-1

================================================ ------------------------------------------------ ------------www.bright-shadows.net------------ ------------------------------------------------ --------------theblacksheep&erik-------------- ------------------------------------------------...

7.8AI score
Exploits0
securityvulns
securityvulns
added 2002/12/21 12:0 a.m.37 views

XSS and PHP include bug in W-Agora

I have found some bugs in W-Agora's forum configuration filesystem. In the page editform.php, an admin or root user can open any file, with the "PHP Include bug". A sample of the script: editform.php ?php the script gets the parameter "file", puts ".php" after this, and includes the file in the...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2002/11/27 12:0 a.m.29 views

FreeNews &amp; News Evolution &#40;PHP&#41;

Informations : °°°°°°°°°°°°°° Problem : Include files a ------------------- Product : Freenews Version : 2.1 Website : http://www.prologin.fr ---------------------- b ------------------- Product : News Evolution Versions : 1.0, 2.0 Website : http://www.phpevolution.net ---------------------- PHP...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2002/06/15 12:0 a.m.11 views

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution source: https://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not...

0.2AI score
Exploits0
Rows per page
Query Builder