7697 matches found
Irokez CMS <= 0.7.1 Multiple Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================ Irokez CMS 11: requireonce "$GLOBALS'PTH''func'gallery.func.php"; + - 12: requireonce "$GLOBALS'PTH''classes'gallery.class.php"; + scripts/sitemap.scr.php, lines 13: + - 13:...
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the 1 f, 2 newmessage, 3 newusername, 4 adminuser, and ...
CVE-2006-6661
Variable overwrite vulnerability in blog.php in PHP-Update 2.7 and earlier allows remote attackers to overwrite arbitrary program variables and execute arbitrary PHP code via multiple vectors that use the extract function, as demonstrated by the 1 f, 2 newmessage, 3 newusername, 4 adminuser, and ...
phpProfiles <= 3.1.2b Multiple Remote File Include Vulnerabilities
No description provided by source. +------------------------------------------------------------------------------------------- + phpProfiles = 3.1.2b Multiple Remote File Include Vulnerabilities +------------------------------------------------------------------------------------------- + Affect...
Mandrake Linux Security Advisory : sudo (MDKSA-2006:159)
Previous sudo updates were made available to sanitize certain environment variables from affecting a sudo call, such as PYTHONINSPECT, PERL5OPT, etc. While those updates were effective in addressing those specific environment variables, other variables that were not blacklisted were being made...
Multiple Sun Solaris vulnerabilities
Buffer overflow in ld.so doprf, directory traversal on parsing different environment variables in ld.so...
Visualshapers EzContents GLOBALS[rootdp]远程文件包含漏洞
Visualshapers EzContents是一款基于PHP的内容管理程序。 Visualshapers EzContents不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于多个脚本对用户提交的WEB参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 VisualShapers ezContents 2.0.3 漏洞提供者 DarkFig...
mxBB Module kb_mods 2.0.2 - Remote File Inclusion
| \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-= Knowledgebase kbmods...
Mambo Peoplebook Component 1.0 Remote File Include Vulnerability
No description provided by source. --------------------------------------------------------------------------- Peoplebook Mambo Component = v1.0 Remote File Include Vulnerabilities --------------------------------------------------------------------------- Author : Matdhule Date : August, 14th 20...
CVE-2006-6165
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is...
CVE-2006-6165
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is...
CVE-2006-6164
The CVE-2006-6164 entry concerns OpenBSD 3.9 and 4.0 where the _dl_unsetenv function in loader.c of the ELF ld.so fails to remove duplicate environment variables. This could allow local users to pass dangerous variables (e.g., LD_PRELOAD) to loading processes, potentially enabling privilege escal...
CVE-2006-6165
CVE-2006-6165 concerns ld.so in FreeBSD and NetBSD (and possibly other BSDs) that does not remove certain harmful environment variables before loading processes, enabling local privilege escalation by manipulating environment variables. The impact is described as local confidentiality, integrity,...
CVE-2006-6164
The dlunsetenv function in loader.c in the ELF ld.so in OpenBSD 3.9 and 4.0 does not properly remove duplicate environment variables, which allows local users to pass dangerous variables such as LDPRELOAD to loading processes, which might be leveraged to gain privileges...
CVE-2006-6165
ld.so in FreeBSD, NetBSD, and possibly other BSD distributions does not remove certain harmful environment variables, which allows local users to gain privileges by passing certain environment variables to loading processes. NOTE: this issue has been disputed by a third party, stating that it is...
PT-2006-6799 · Freebsd · Ld.So
Name of the Vulnerable Software and Affected Versions: ld.so in FreeBSD, NetBSD, and possibly other BSD distributions affected versions not specified Description: The issue allows local users to gain privileges by passing certain environment variables to loading processes, as ld.so does not remov...
Pearl Forums 2.4 - Multiple Remote File Inclusions
| \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/ ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //Script:Pearl Forums...
OpenBSD 3.94.0 - ld.so Local Environment Variable Clearing
OpenBSD 3.94.0 - ld.so Local Environment Variable Clearing / source: https://www.securityfocus.com/bid/21188/info OpenBSD is prone to a local vulnerability that may allow attackers to pass malicious environment variables to applications, bypassing expected security restrictions. Attackers may be...
GLSA-200610-15 : Asterisk: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200610-15 Asterisk: Multiple vulnerabilities Asterisk contains buffer overflows in channels/chanmgcp.c from the MGCP driver and in channels/chanskinny.c from the Skinny channel driver for Cisco SCCP phones. It also dangerously...
SQL Injection in package SYS.DBMS_SQLTUNE_INTERNAL
Name SQL Injection in package SYS.DBMSSQLTUNEINTERNAL 6980745 DB10 Systems Affected Oracle 8i-10g Rel. 2 Severity High Risk Category SQL Injection Vendor URL http://www.oracle.com/ Author Alexander Kornbrust ak at red-database-security.com Advisory 18 October 2006 V 1.00 Advisory...