51 matches found
EUVD-2007-5152
Malware in sbrugna...
EUVD-2008-3587
Malware in sbrugna...
EUVD-2005-4025
Malware in sbrugna...
EUVD-2007-5153
Malware in sbrugna...
EUVD-2008-7023
Malware in sbrugna...
Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)
No description provided by source. Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums = 1.4.2 Site: http://www.quicksilverforums.com/ Bug: Local File Inclusion Exploit: Remote Command Execution Note: Works with windows servers only Works regardless php.ini...
Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability
No description provided by source. WWW.SecurityWall.orG Quicksilver Forums v1.2.0+1.2.1 setincludepath Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct: bilkopatathotmaildotcom v1.2.0+v1.2.1 Code: activeutil.php? requireonce $set'includepath' . '/lib/bbcode.php'; Exploit:...
Secunia Research: Quicksilver Forums Backup Information Disclosure
====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums Backup Information Disclosure - ====================================================================== Table of Contents Affected...
Secunia Research: Quicksilver Forums "mysqldump" Password Disclosure
====================================================================== Secunia Research 17/03/2010 - Quicksilver Forums "mysqldump" Password Disclosure - ====================================================================== Table of Contents Affected...
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
Quicksilver Forums is prone to a local file-include vulnerability and an arbitrary-file-upload vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues to upload arbitrary files onto the webserver, execute arbitrary local files...
Quicksilver Forums Local File Include and Arbitrary File Upload Vulnerabilities
Quicksilver Forums is prone to a local file-include vulnerability and an arbitrary-file-upload vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, a...
Quicksilver Forums Detection
This host is running Quicksilver Forums. OpenVAS Vulnerability Test $Id: quicksilverforumsdetect.nasl 5739 2017-03-27 14:48:05Z cfi $ Quicksilver Forums Detection Authors: Michael Meyer Copyright: Copyright c 2010 Greenbone Networks GmbH This program is free software; you can redistribute it and/...
Quicksilver Forums Detection
This host is running Quicksilver Forums. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.100503";...
CVE-2008-7064
Directory traversal vulnerability in the getlang function in global.php in Quicksilver Forums 1.4.2 and earlier, as used in QSF Portal before 1.4.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via a "" backslash in the lang parameter to index.php,...
Directory traversal
Directory traversal vulnerability in the getlang function in global.php in Quicksilver Forums 1.4.2 and earlier, as used in QSF Portal before 1.4.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via a "" backslash in the lang parameter to index.php,...
CVE-2008-7064
Directory traversal vulnerability in the getlang function in global.php in Quicksilver Forums 1.4.2 and earlier, as used in QSF Portal before 1.4.5, when running on Windows, allows remote attackers to include and execute arbitrary local files via a "" backslash in the lang parameter to index.php,...
CVE-2008-7064
CVE-2008-7064 affects Quicksilver Forums 1.4.2 and earlier and QSF Portal before 1.4.5. The vulnerability is a directory traversal via the lang parameter in index.php that accepts a backslash () in Windows, bypassing a protection that only checks for forward slashes and can lead to including/exec...
PT-2009-2533 · Quicksilver +1 · Quicksilver Forums +2
Name of the Vulnerable Software and Affected Versions: Quicksilver Forums versions 1.4.2 and earlier QSF Portal versions prior to 1.4.5 Description: The issue allows remote attackers to include and execute arbitrary local files via a "" backslash in the lang parameter to "index.php". This bypasse...
quicksilverforums-rce.txt
Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php'; As you can see, Quicksilver filter can be...
Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)
Exploit for unknown platform in category web applications ====================================================== Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php...