25 matches found
EUVD-2007-2060
Malware in sbrugna...
EUVD-2007-2059
Malware in sbrugna...
EUVD-2001-1278
Malware in sbrugna...
Actionpoll 1.1 Actionpoll.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the...
Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGPOLLDB parameter to actionpoll.php or 2 the CONFIGDB parameter to db/DataReaderWriter.php, different vectors...
CVE-2007-2065
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
Remote file inclusion
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
CVE-2007-2064
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGPOLLDB parameter to actionpoll.php or 2 the CONFIGDB parameter to db/DataReaderWriter.php, different vectors...
CVE-2007-2065
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
CVE-2007-2064
CVE-2007-2064 describes multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0 (and possibly 1.1.1). The flaws allow an attacker to execute arbitrary PHP code by supplying a URL in the CONFIG_POLLDB parameter to actionpoll.php or in the CONFIG_DB parameter to db...
CVE-2007-2065
CVE-2007-2065 is a PHP remote file inclusion vulnerability affecting Robert Ladstaetter ActionPoll 1.1.1, in which an attacker can execute arbitrary PHP code by supplying a URL in the CONFIG_DATAREADERWRITER parameter to db/PollDB.php. This describes a separate vector from CVE-2001-1297. The prov...
Actionpoll远程文件包含漏洞
Actionpoll是一款基于PHP的WEB应用程序。 Actionpoll不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Actionpoll.php'脚本对用户提交的'CONFIGPOLLDB'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 Actionpoll 1.1 目前没有解决方案提供: http://sourceforge.net/projects/actionpoll http://www.example.com/script...
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org
-------------------------------------------------- ActionPoll Script actionpoll.php Remote File Include -------------------------------------------------- Author : SekoMirza Date Found : April 14 2007 Location : French // ... Critical Lvl : critical Impact : System access Where : From Remote...
action-rfi.txt
-------------------------------------------------- ActionPoll Script actionpoll.php Remote File Include -------------------------------------------------- Author : SekoMirza Date Found : April 14 2007 Location : French // ... Critical Lvl : critical Impact : System access Where : From Remote...
Actionpoll 1.1 - 'Actionpoll.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are als...
Actionpoll 1.1 - Actionpoll.php Remote File Inclusion
Actionpoll 1.1 - Actionpoll.php Remote File Inclusion source: https://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the...
Actionpoll 1.1.1 - '/db/PollDB.php?CONFIG_DATAREADERWRITER' Remote File Inclusion
source: https://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
Actionpoll 1.1.1 - '/db/DataReaderWriter.php?CONFIG_DB' Remote File Inclusion
source: https://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...