Lucene search
+L

69 matches found

exploitpack
exploitpack
added 2014/03/15 12:0 a.m.13 views

OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities

OpenX 2.8.x - Multiple Cross-Site Request Forgery Vulnerabilities source: https://www.securityfocus.com/bid/66251/info OpenX is prone to multiple cross-site request-forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead ...

0.7AI score
Exploits0
Prion
Prion
added 2010/04/27 3:30 p.m.20 views

Authentication flaw

Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/install.php, www/admin/install-plugins.php, and other www/admin/ files...

7.5CVSS7.2AI score0.02339EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2009/08/18 9:0 p.m.3 views

DEBIAN-CVE-2009-2853

Wordpress before 2.8.3 allows remote attackers to gain privileges via a direct request to 1 admin-footer.php, 2 edit-category-form.php, 3 edit-form-advanced.php, 4 edit-form-comment.php, 5 edit-link-category-form.php, 6 edit-link-form.php, 7 edit-page-form.php, and 8 edit-tag-form.php in wp-admin...

10CVSS7AI score0.04711EPSS
Exploits3References1
Exploit DB
Exploit DB
added 2009/07/01 12:0 a.m.44 views

CMS chainuk 1.2 - Multiple Vulnerabilities

CMS Chainuk = v.1.2 Vulns Home: Cms.tut.su Dork: "Cms.tut.su, 2009 g." eLwauxc 14.06.2 LFI /index.php --------------------------------------------------------------------------- 6: if isset$GET 'id' 7: 8: color=white$id = $GET 'id';/color 9: 10: else 11: 12: $id = $index; 13: 14: if fileexists...

7AI score
Exploits0
OpenVAS
OpenVAS
added 2009/06/30 12:0 a.m.19 views

Campsite 'g_campsiteDir' Remote and Local File Inclusion Vulnerabilities

This host is running Campsite and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodcampsitemultvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Campsite 'gcampsiteDir' Remote and Local File Inclusion Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009 SecPod,...

7.5CVSS0.5AI score0.05692EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2009/06/23 9:30 p.m.2 views

CVE-2009-2182

Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 RC1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSgcampsiteDir parameter to 1 adpopup.php, 2 camphtml.php, 3 initcontent.php, 4 logout.php, 5 menu.php, and 6 set-author.php in admin-files/; 7...

6.8CVSS6.1AI score0.01723EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2009/06/23 9:30 p.m.3 views

CVE-2009-2181

Cross-site scripting XSS vulnerability in admin-files/templates/listdir.php in Campsite 3.3.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the listbasedir parameter...

4.3CVSS5.7AI score0.02391EPSS
Exploits0References3
Cvelist
Cvelist
added 2009/06/23 9:21 p.m.20 views

CVE-2009-2182

Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 RC1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSgcampsiteDir parameter to 1 adpopup.php, 2 camphtml.php, 3 initcontent.php, 4 logout.php, 5 menu.php, and 6 set-author.php in admin-files/; 7...

7.6AI score0.01723EPSS
Exploits0References1
seebug.org
seebug.org
added 2009/01/05 12:0 a.m.20 views

PNphpBB2 <= 1.2i (ModName) Multiple LFI Vulnerabilities

No description provided by source. +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | PNphpBB2 = 1.2i ModName Multiple LFI Vulnerabilities | Note | +=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=+=--=--=--=--=--=-+ | discovered by athos -...

7.1AI score
Exploits0
EUVD
EUVD
added 2008/08/07 8:0 p.m.5 views

EUVD-2008-3495

LoveCMS 1.6.2 does not require administrative authentication for 1 addblock.php, 2 blocks.php, and 3 themes.php in system/admin/, which allows remote attackers to change the configuration or execute arbitrary PHP code via addition of blocks, and other vectors...

7.5CVSS7.8AI score0.03428EPSS
Exploits0References6
0day.today
0day.today
added 2008/04/06 12:0 a.m.16 views

Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability

Exploit for unknown platform in category web applications ============================================================ Prozilla Topsites 1.0 Arbitrary Edit/Add Users Vulnerability ============================================================...

7.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2007/08/09 12:0 a.m.10 views

PT-2007-5481 · Unknown · X-Script Guestbook

Name of the Vulnerable Software and Affected Versions: Guestbook Script version 1.9 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the script root parameter to various PHP files, including 'delete.php', 'edit.php', 'inc/common.inc.php', 'database.php',...

9.8CVSS7.7AI score0.0157EPSS
Exploits0References5
0day.today
0day.today
added 2007/07/03 12:0 a.m.53 views

MyCMS <= 0.9.8 Remote Command Execution Exploit

Exploit for unknown platform in category web applications =============================================== MyCMS 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0;...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/05/30 12:0 a.m.27 views

inoutse-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc this is not a protection for two reasons: i everyone can make a cookie with false credentials ii there isn't any exit or die function after header'Location: index.php' Now look at create...

Exploits0
0day.today
0day.today
added 2007/05/29 12:0 a.m.18 views

Inout Search Engine (all version) Remote Code Execution Exploit

Exploit for unknown platform in category web applications =============================================================== Inout Search Engine all version Remote Code Execution Exploit =============================================================== !/usr/bin/php -q -d shortopentag=on this is not a...

7.1AI score
Exploits0
Prion
Prion
added 2007/04/18 3:19 a.m.15 views

Authentication flaw

MyBlog 0.9.8 and earlier allows remote attackers to bypass authentication requirements via the admin cookie parameter to certain admin files, as demonstrated by admin/settings.php...

7.5CVSS7.5AI score0.06552EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2007/01/30 4:0 p.m.1 views

EUVD-2007-0559

Multiple PHP remote file inclusion vulnerabilities in Xero Portal 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter to 1 adminlinkdb.php, 2 adminforumprune.php, 3 adminextensions.php, 4 adminboard.php, 5 adminattachments.php, or 6 adminusers.php in...

7.5CVSS7.6AI score0.09917EPSS
Exploits0References12
exploitpack
exploitpack
added 2006/08/07 12:0 a.m.26 views

PHP Simple Shop 2.0 - abs_path Remote File Inclusion

PHP Simple Shop 2.0 - abspath Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV44$2006 ------------------------------------------------------------------------------ ECHOADV44$2006 PHP Simple Shop = 2.0 abspath Remote File Inclusion...

0.2AI score
Exploits0
0day.today
0day.today
added 2006/08/07 12:0 a.m.35 views

PHP Simple Shop <= 2.0 (abs_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== PHP Simple Shop = 2.0 abspath Remote File Inclusion Vulnerability ===================================================================== \ /\ \ / | \ \ | / \ // / | \ |...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2006/06/26 12:0 a.m.26 views

indexu501.txt

Discovered By CrAshoVeRrIdE indexu remote file include -------------------------- site of script:http://www.nicecoder.com/ ------------------------------------------------- Vulnerable: INDEXU v5.0.1 file include ------------ include$admintemplatepath."msg.php"; admintemplatepath parameter File...

7.4AI score
Exploits0
Rows per page
Query Builder