CVE-2008-4346

CVE-2008-4346 : TalkBack has a directory traversal vulnerability allowing remote attackers to include and execute arbitrary local files via the language parameter. Affected versions include TalkBack 2.3.5 and other versions before 2.3.6.2 (and similar vector in comments.php as noted in CVE-2008-4...

CVE-2008-4115

TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

Information disclosure

TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

CVE-2008-4115

CVE-2008-4115 : The vulnerability affects TalkBack 2.3.6, where a remote attacker can disclose configuration information by directly requesting install/info.php, which calls the phpinfo function. The root cause is the information disclosure via phpinfo exposure through a non-authenticated, remote...

talkback-lfidisclose.txt

Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure + Discovered By SirGod + MorTal TeaM + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Local File Inclusion PoC 1 : http://target/path/comments.php?language=Local File%00 Example 1 :...

Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns

No description provided by source. + Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure + Discovered By SirGod + MorTal TeaM + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Local File Inclusion PoC 1 :...

Talkback 2.3.6 - Multiple Local File Inclusion PHPInfo Disclosure Vulnerabilities

Talkback 2.3.6 - Multiple Local File Inclusion PHPInfo Disclosure Vulnerabilities + Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure + Discovered By SirGod + MorTal TeaM + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Local File Inclusion...

Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns

Exploit for unknown platform in category web applications ===================================================================== Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure Vulns ===================================================================== + Talkback 2.3.6 Multiple Loc...

Talkback 2.3.6 - Multiple Local File Inclusion / PHPInfo Disclosure Vulnerabilities

Talkback 2.3.6 Multiple Local File Inclusion/PHPInfo Disclosure + Discovered By SirGod + MorTal TeaM + Greetz : E.M.I.N.E.M,Ras,Puscasmarin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke + Local File Inclusion PoC 1 : http://target/path/comments.php?language=Local File%00 Example 1 :...

Directory traversal

Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter...

CVE-2008-3371

Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter...

CVE-2008-3371

Directory traversal vulnerability in install/help.php in TalkBack 2.3.5, and other versions before 2.3.6.2, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter...

CVE-2008-3371

CVE-2008-3371 - Vulnerability in TalkBack 2.3.5 and earlier than 2.3.6.2 where the installer’s language parameter in install/help.php can be manipulated to perform directory traversal, allowing remote inclusion and execution of local files. The issue is a classic local file inclusion due to impro...

TalkBack 2.3.5 (language) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ TalkBack 2.3.5 language Local File Inclusion Vulnerability ============================================================...

TalkBack 2.3.5 (language) Local File Inclusion Vulnerability

No description provided by source. ============================================================================================================= o TalkBack 2.3.5 Local File Inclusion Vulnerability Software : TalkBack version 2.3.5 Vendor : http://www.scripts.oldguy.us/talkback Author : NoGe Conta...

talkback-lfi.txt

============================================================================================================= o TalkBack 2.3.5 Local File Inclusion Vulnerability Software : TalkBack version 2.3.5 Vendor : http://www.scripts.oldguy.us/talkback Author : NoGe Contact : nogedotcodeatgmaildotcom...

TalkBack 2.3.5 - Language Local File Inclusion

TalkBack 2.3.5 - Language Local File Inclusion ============================================================================================================= o TalkBack 2.3.5 Local File Inclusion Vulnerability Software : TalkBack version 2.3.5 Vendor : http://www.scripts.oldguy.us/talkback Author ...

TalkBack 2.3.5 - 'Language' Local File Inclusion

============================================================================================================= o TalkBack 2.3.5 Local File Inclusion Vulnerability Software : TalkBack version 2.3.5 Vendor : http://www.scripts.oldguy.us/talkback Author : NoGe Contact : nogedotcodeatgmaildotcom...

talkback-rfi.txt

Opencosmo Security http://www.opencosmo.com ================================================================================================================================== TalkBack 2.2.7 Remote File Include Vulnerability Software : TalkBack version 2.2.7 Developer :...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in TalkBack 2.2.7 allow remote attackers to execute arbitrary PHP code via a URL in the 1 languagefile parameter to a comments-display-tpl.php and b addons/separate-comments-mod/my-comments-display-tpl.php and the 2 configcommentsformtpl paramete...