25 matches found
EUVD-2007-2060
Malware in sbrugna...
EUVD-2007-2059
Malware in sbrugna...
EUVD-2001-1278
Malware in sbrugna...
Actionpoll 1.1 Actionpoll.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the...
Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
CVE-2007-2065
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGPOLLDB parameter to actionpoll.php or 2 the CONFIGDB parameter to db/DataReaderWriter.php, different vectors...
Remote file inclusion
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
CVE-2007-2064
CVE-2007-2064 describes multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0 (and possibly 1.1.1). The flaws allow an attacker to execute arbitrary PHP code by supplying a URL in the CONFIG_POLLDB parameter to actionpoll.php or in the CONFIG_DB parameter to db...
CVE-2007-2065
PHP remote file inclusion vulnerability in db/PollDB.php in Robert Ladstaetter ActionPoll 1.1.1 allows remote attackers to execute arbitrary PHP code via a URL in the CONFIGDATAREADERWRITER parameter, a different vector than CVE-2001-1297. NOTE: the provenance of this information is unknown; the...
CVE-2007-2064
Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in 1 the CONFIGPOLLDB parameter to actionpoll.php or 2 the CONFIGDB parameter to db/DataReaderWriter.php, different vectors...
CVE-2007-2065
CVE-2007-2065 is a PHP remote file inclusion vulnerability affecting Robert Ladstaetter ActionPoll 1.1.1, in which an attacker can execute arbitrary PHP code by supplying a URL in the CONFIG_DATAREADERWRITER parameter to db/PollDB.php. This describes a separate vector from CVE-2001-1297. The prov...
Actionpoll远程文件包含漏洞
Actionpoll是一款基于PHP的WEB应用程序。 Actionpoll不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Actionpoll.php'脚本对用户提交的'CONFIGPOLLDB'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 Actionpoll 1.1 目前没有解决方案提供: http://sourceforge.net/projects/actionpoll http://www.example.com/script...
action-rfi.txt
-------------------------------------------------- ActionPoll Script actionpoll.php Remote File Include -------------------------------------------------- Author : SekoMirza Date Found : April 14 2007 Location : French // ... Critical Lvl : critical Impact : System access Where : From Remote...
ActionPoll Script (actionpoll.php) Remote File Include // starhack.org
-------------------------------------------------- ActionPoll Script actionpoll.php Remote File Include -------------------------------------------------- Author : SekoMirza Date Found : April 14 2007 Location : French // ... Critical Lvl : critical Impact : System access Where : From Remote...
Actionpoll 1.1 - 'Actionpoll.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are als...
Actionpoll 1.1 - Actionpoll.php Remote File Inclusion
Actionpoll 1.1 - Actionpoll.php Remote File Inclusion source: https://www.securityfocus.com/bid/23504/info Actionpoll is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the...
Actionpoll 1.1.1 - '/db/DataReaderWriter.php?CONFIG_DB' Remote File Inclusion
source: https://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
Actionpoll 1.1.1 - '/db/PollDB.php?CONFIG_DATAREADERWRITER' Remote File Inclusion
source: https://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...