1091 matches found
[SA15916] eGroupWare XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability
Background The PEAR XML-RPC and phpxmlrpc libraries are both PHP implementations of the XML-RPC protocol. Description James Bercegay of GulfTech Security Research discovered that the PEAR XML-RPC and phpxmlrpc libraries fail to sanatize input sent using the "POST" method. Impact A remote attacker...
PHPXMLRPC Remote Code Execution
GulfTech Security Research June 29th, 2005 Vendor : Useful Information Inc. URL : http://phpxmlrpc.sourceforge.net/ Version : PHPXMLRPC 1.1 && Earlier Risk : Remote Command Execution Description: PHPXMLRPC aka XML-RPC For PHP is a PHP implementation of the XML-RPC web RPC protocol, and was...
CVE-2005-1921
CVE-2005-1921 is a remote PHP code execution vulnerability in PEAR XML_RPC (<=1.3.0) and PHPXMLRPC (
[SA15884] phpPgAds XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
Serendipity XML-RPC for PHP Remote Code Injection
The version of Serendipity installed on the remote host is prone to remote code execution due to a failure of its bundled XML-RPC library to sanitize user-supplied input to the 'serendipityxmlrpc.php' script. This flaw may allow attackers to execute code remotely subject to the privileges of the...
[SA15810] phpMyFAQ XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
PT-2005-2876 · Egroupware +10 · Egroupware +10
Name of the Vulnerable Software and Affected Versions: PEAR XML RPC versions 1.3.0 and earlier PHPXMLRPC versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement...
XML-RPC Library 1.3.0 - xmlrpc.php Remote Code Injection
XML-RPC Library 1.3.0 - xmlrpc.php Remote Code Injection tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research...
[SA15895] Nucleus XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
[SA15883] phpAdsNew XML-RPC PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit
Exploit for unknown platform in category web applications =================================================================== XML-RPC Library \n"; print "special chars allowed are / and - \n\n"; read command line options my $options = GetOptions general options 'host=s' = $host, input host to...
XML-RPC Library 1.3.0 - 'xmlrpc.php' Remote Code Injection
tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc drupal exploit, but James sais xoop...
Advisory 02/2005: Remote code execution in Serendipity
Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Remote code execution in Serendipity Release Date: 2005/06/29 Last Modified: 2005/06/29 Author: Christopher Kunz [email protected] Application: Serendipity = 0.8.2 Severity: Arbitrary remote code execution...
PEAR XML_RPC Remote Code Execution Vulnerability
GulfTech Security Research June 29th, 2005 Vendor : The PEAR Group URL : http://pear.php.net/package/XMLRPC/ Version : PEAR XMLRPC 1.3.0 && Earlier Risk : Remote Command Execution Description: PEAR XMLRPC is a PHP implementation of the XML-RPC web RPC protocol, and used by many different develope...
XML-RPC Library <= 1.3.0 (xmlrpc.php) Remote Code Injection Exploit
No description provided by source. tested and working /str0ke !/usr/bin/perl ilo-- This program is no GPL or has nothing to do with FSF, but some code was ripped from romansoft.. sorry, too lazy! xmlrpc bug by James from GulfTech Security Research. http://pear.php.net/bugs/bug.php?id=4692 xmlrpc...
[Full-disclosure] [DRUPAL-SA-2005-003] Drupal 4.6.2 / 4.5.4 fixes critical XML-RPC issue
---------------------------------------------------------------------------- Drupal security advisory DRUPAL-SA-2005-003 ---------------------------------------------------------------------------- Advisory ID: DRUPAL-SA-2005-003 Date: 2005-jun-29 Security risk: highly critical Impact: system...
[SA15855] PostNuke XML-RPC Library PHP Code Execution Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
WordPress 1.5.1.2 - xmlrpc Interface SQL Injection
WordPress 1.5.1.2 - xmlrpc Interface SQL Injection !/usr/bin/perl -w sorry for the late posting, had to test it. /str0ke Wordpress 1.5.1.2 Strayhorn // XMLRPC Interface SQL Injection By James Bercegay // http://www.gulftech.org/ // June 21 2005 Quick and dirty proof of concept that uses the XML R...
XML-RPC for PHP Remote Code Injection Vulnerability
Description XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior...