CVE-2007-2988

A certain admin script in Inout Meta Search Engine sends a redirect to the web browser but does not exit when administrative credentials are missing, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a request to admin/createengine.php followed by a request to...

CVE-2007-2988

The CVE-2007-2988 entry describes a vulnerability in the Inout Meta Search Engine: an admin script redirects the browser but does not exit when admin credentials are missing, enabling remote attackers to inject arbitrary PHP code via a sequence of requests to admin/create_engine.php and then admi...

Open redirect

Unspecified vulnerability in the admin script in Open Business Management OBM before 2.0.0 allows remote attackers to have an unknown impact by calling the script "in txt mode from a browser."...

CVE-2007-2316

Technical details for CVE-2007-2316 are not publicly available in the provided documents. Monitor for updates.

PT-2007-1294 · Jobline · Jobline

Name of the Vulnerable Software and Affected Versions: Jobline version 1.1.1 Description: A remote file inclusion issue exists, allowing remote attackers to execute arbitrary code via a URL in the mosConfig absolute path parameter in the admin.jobline.php script. Recommendations: For Jobline...

LinksCaffe 2.0/3.0 - Authentication Bypass

source: https://www.securityfocus.com/bid/19763/info LinksCaffe is prone to an authentication-bypass vulnerability because of a lack of required authentication on the application's administrative script. An attacker can use administrative functions simply by knowing the script's name and location...

CVE-2006-2890

Pixelpost 1-5rc1-2 and earlier, when registerglobals is enabled, allows remote attackers to gain administrator privileges and conduct other attacks by setting the SESSION"pixelpostadmin" parameter to 1 in calls to admin scripts such as admin/viewinfo.php...

os-x/PPC Add user r00t 219 bytes

Exploit for os-x/ppc platform in category shellcode ================================ os-x/PPC Add user r00t 219 bytes ================================ / PPC OS X / Darwin Shellcode by B-r00t. 2003. open; write; close; execve; exit; See ASM below. 219 Bytes! / char shellcode =...

FreeBSD : mailman XSS in admin script (104)

The following package needs to be updated: mailman %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg3cb88bb267a611d880e30020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

PT-2002-1564 · Apache · Apache

Name of the Vulnerable Software and Affected Versions: popper mod versions 1.2.1 and earlier Description: The issue concerns the PHP administration script in popper mod, which relies on Apache .htaccess authentication. This allows remote attackers to gain privileges if the script is not properly...

CVE-2002-0579

WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password...