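CCMail Update.PHP Remote File Inclusion Vulnerability
CCMail is a PHP-based web application. CCMail does not properly filter user-supplied input, and remote attackers can exploit the vulnerability to execute arbitrary commands with web server privileges. The issue is that the 'Update.PHP' script lacks filtering of the user-supplied 'functiondir' parameter; specifying a file on a remote server as the include parameter can lead to execution of arbitrary commands with web server privileges. Cicoandcico CcMail 1.0.1 No solution is currently available: http://www.cicoandcico.com #!/usr/bin/perl CcMail 1.0 Remote File Inclusion Exploit...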
CcMail 1.0.1 (update.php functions_dir) Remote File Inclusion Exploit
No description provided by source. #!/usr/bin/perl CcMail 1.0 Remote File Inclusion Exploit Download Script http://www.cicoandcico.com/download/ccmail/ccmail1.0.1.tar.gz Bug Found & coded By CrackersChild [email protected] Usage: perl cra.pl perl cra.pl http://site.com/...
CVE-2007-1043
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php...
EUVD-2007-1040
Ezboo webstats, possibly 3.0.3, allows remote attackers to bypass authentication and gain access via a direct request to (1) update.php and (2) config.php...
CVE-2007-1043
CVE-2007-1043 concerns Ezboo Webstats (possibly v3.0.3), where an authentication bypass enables remote access via direct requests to 1) update.php and 2) config.php. Multiple sources corroborate a remote, unauthenticated bypass affecting the product, with a CVSS v2 base score of 7.5 (HIGH) and ne...
vtiger CRM <= 4.2 (calpath) Multiple Remote File Include Vulnerabilities
No description provided by source. ECHOADV54$2006: vtiger CRM <=4.2 calpath Multiple Remote File Inclusion...
vTiger CRM 4.2 - calpath Multiple Remote File Inclusions
vTiger CRM 4.2 - calpath Multiple Remote File Inclusions ECHOADV54$2006: vtiger CRM <=4.2 calpath Multiple...
vTiger CRM 4.2 - 'calpath' Multiple Remote File Inclusions
ECHOADV54$2006: vtiger CRM <=4.2 calpath Multiple Remote File Inclusion Vulnerability...
vtiger -- multiple remote file inclusion vulnerabilities
Dedi Dwianto a.k.a theday reports: Input passed to the "$calpath" parameter in update.php is not properly verified before being used. This can be exploited to execute arbitrary PHP code by including files from local or external resources...
osCommerce 2.2 - extras Source Code Disclosure
osCommerce 2.2 - extras Source Code Disclosure ---- osCommerce \n"; print nl2br(htmlentities(implode($readme, ' '))); print "Continue\n"; print "\n"; exit; ... google search: inurl:"extras/update.php" intext:mysql.php -display...
CVE-2005-2819
DownFile 1.3 allows remote attackers to gain administrator privileges via a direct request to (1) update.php, (2) del.php, and (3) add_form.php...
CVE-2005-2819
CVE-2005-2819 affects DownFile 1.3. Remote attackers can gain administrator privileges through direct HTTP requests to update.php, del.php, and add_form.php. The provided materials describe the affected components and impact but do not specify the underlying root cause or a verified exploit metho...
osCommerce update.php readme_file Parameter Arbitrary File Disclosure
The osCommerce installation on the remote host has a supplementary script, 'extras/update.php', that fails to validate user-supplied input to the 'readme_file' parameter before using it to display a file. An attacker can exploit this flaw to read arbitrary files on the remote host, such as the...
osCommerce 2.2 - update.php Information Disclosure
osCommerce 2.2 - update.php Information Disclosure source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process...