Lucene search
+L

497 matches found

Packet Storm
Packet Storm
added 2008/07/15 12:0 a.m.30 views

pluck-lfi.txt

www.BugReport.ir AmnPardaz Security Research Team Title: Pluck Local File inclusion Vendor: http://www.pluck-cms.org Bug: Local File Inclusion Vulnerable Version: 4.5.1 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: Pluck is a content management...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2008/07/15 12:0 a.m.44 views

Pluck Local File inclusion

www.BugReport.ir AmnPardaz Security Research Team Title: Pluck Local File inclusion Vendor: http://www.pluck-cms.org Bug: Local File Inclusion Vulnerable Version: 4.5.1 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: Pluck is a content management...

7AI score
Exploits0
0day.today
0day.today
added 2008/07/14 12:0 a.m.14 views

Pluck 4.5.1 (blogpost) Local File Inclusion Vulnerability (win only)

Exploit for unknown platform in category web applications ==================================================================== Pluck 4.5.1 blogpost Local File Inclusion Vulnerability win only ==================================================================== AmnPardaz Security Research Team...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/07/14 12:0 a.m.42 views

Pluck CMS 4.5.1 (Windows) - blogpost Local File Inclusion

Pluck CMS 4.5.1 Windows - blogpost Local File Inclusion www.BugReport.ir AmnPardaz Security Research Team Title: Pluck Local File inclusion Vendor: http://www.pluck-cms.org Bug: Local File Inclusion Vulnerable Version: 4.5.1 prior versions also may be affected Exploitation: Remote with browser Fi...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/07/14 12:0 a.m.36 views

Pluck CMS 4.5.1 (Windows) - 'blogpost' Local File Inclusion

www.BugReport.ir AmnPardaz Security Research Team Title: Pluck Local File inclusion Vendor: http://www.pluck-cms.org Bug: Local File Inclusion Vulnerable Version: 4.5.1 prior versions also may be affected Exploitation: Remote with browser Fix: N/A - Description: Pluck is a content management...

7.4AI score
Exploits0
Prion
Prion
added 2007/08/08 1:17 a.m.14 views

Directory traversal

Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to read arbitrary local files via a .. dot dot in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argume...

5CVSS7AI score0.01479EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2007/08/08 1:17 a.m.17 views

Remote file inclusion

PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...

6.8CVSS7.8AI score0.01553EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2007/08/08 1:17 a.m.18 views

CVE-2007-4181

PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...

6.8CVSS7.5AI score0.01553EPSS
Exploits1References5
NVD
NVD
added 2007/08/08 1:17 a.m.15 views

CVE-2007-4180

Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to read arbitrary local files via a .. dot dot in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argume...

5CVSS6.7AI score0.01479EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/08/08 1:11 a.m.21 views

CVE-2007-4180

Directory traversal vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to read arbitrary local files via a .. dot dot in the file parameter. NOTE: CVE and a reliable third party dispute this vulnerability because the code uses a fixed argume...

6.7AI score0.01479EPSS
Exploits0References5
Cvelist
Cvelist
added 2007/08/08 1:11 a.m.29 views

CVE-2007-4181

PHP remote file inclusion vulnerability in data/inc/theme.php in Pluck 4.3, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: A reliable third party disputes this vulnerability because the applicable include is within a...

7.5AI score0.01553EPSS
Exploits1References5
CVE
CVE
added 2007/08/08 1:11 a.m.46 views

CVE-2007-4181

Pluck 4.3 is affected by a reported PHP remote file inclusion in data/inc/theme.php when register_globals is enabled, potentially allowing arbitrary PHP code execution via a dir parameter. The core dispute in the public records notes that the vulnerable include occurs inside a function that does ...

6.8CVSS7.5AI score0.01553EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2007/08/08 1:11 a.m.41 views

CVE-2007-4180

Affects Pluck 4.3: directory traversal in data/inc/theme.php via the file parameter (..), exploitable when register_globals is enabled. The claim is that remote reading of local files is possible, but the note across sources indicates this vulnerability is disputed because the code uses a fixed a...

5CVSS6.7AI score0.01479EPSS
Exploits0References5Affected Software1
Packet Storm
Packet Storm
added 2007/08/08 12:0 a.m.16 views

pluck-rfi.txt

Aria-Security Team Pluck 4.3 Remote File Inclusion Vendor: http://www.pluck-cms.org/ /path/data/inc/theme.php if Registerglobal was set as ON then we can use the $dir variable for RFI isfile$dir."/".$file $files=$file; else $dirs=$dir."/".$file; if$dirs foreach $dirs as $dir include...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/08/08 12:0 a.m.5 views

PT-2007-5375 · Pluck · Pluck

Name of the Vulnerable Software and Affected Versions: Pluck version 4.3 Description: The issue allows remote attackers to potentially read arbitrary local files via a .. dot dot in the file parameter in the data/inc/theme.php file when register globals is enabled. However, it's noted that the co...

5CVSS6.8AI score0.01479EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2007/08/08 12:0 a.m.8 views

PT-2007-5376 · Pluck · Pluck

Name of the Vulnerable Software and Affected Versions: Pluck version 4.3 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter when register globals is enabled. However, a reliable third party disputes this vulnerability, stating that the...

6.8CVSS7.7AI score0.01553EPSS
Exploits1References7
securityvulns
securityvulns
added 2007/08/03 12:0 a.m.100 views

Pluck 4.3 themes.php Remote File Inclusion and disclosure

Aria-Security Team Pluck 4.3 Remote File Inclusion Vendor: http://www.pluck-cms.org/ /path/data/inc/theme.php if Registerglobal was set as ON then we can use the $dir variable for RFI isfile$dir."/".$file $files=$file; else $dirs=$dir."/".$file; if$dirs foreach $dirs as $dir include...

1.2AI score
Exploits0
Rows per page
Query Builder