61 matches found
CVE-2007-4641
Directory traversal vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter, as demonstrated by injecting code into an Apache log file...
Directory traversal
Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header...
CVE-2007-1636
Directory traversal vulnerability in index.php in RoseOnlineCMS 3 B1 allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the op parameter, as demonstrated by injecting PHP code into Apache log files via the URL and User-Agent HTTP header...
CVE-2007-1539
Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file...
CVE-2007-1539
The CVE-2007-1539 entry concerns a directory traversal vulnerability in the pragmaMX Landkarten 2.1 module, specifically in inc/map.func.php, where an attacker can include arbitrary files through a .. sequence in the module_name parameter. This was demonstrated via a static PHP code injection in ...
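VMware ESX Multiple Sensitive Information Disclosure Vulnerabilities
VMware ESX Server is enterprise-grade virtual machine software suitable for any system environment. The VMware ESX Server management interface uses session IDs carried in two cookies (vmware.mui.kid and vmware.mui.sid). The session ID format is proprietary and contains the user account and password in simple base64 encoding. If an attacker can access the cookies through any mechanism (such as a cross-site scripting attack), the attacker can obtain the authentication credentials. The VMware ESX Server management interface allows users to change their passwords. The root user can also change other users' passwords. When a password is changed, an HTML form asks the user to enter and confirm the new password, and then via HTTP...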
XMB 1.9.6 Final - 'basename()' Remote Command Execution
#!/usr/bin/php -q -d short_open_tag=on ? echo "XMB = 1.9.6 Final basename 'langfilenew' arbitrary local inclusion / remote commands xctn\n"; echo "by rgod [email protected]\n"; echo "site: http://retrogod.altervista.org\n"; echo "dork: "Powered by XMB"\n\n"; /* works regardless of php.ini settings */...
BASE base_qry_common.php file include
Added: 06/23/2006 CVE: CVE-2006-2685 BID: 18298 OSVDB: 25770 Background: Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine (BASE) is a web interface for analyzing Snort results. Problem: If the register_globals PHP option is enabled, the base_qry_common.php scrip...
php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit
Exploit for unknown platform in category web applications. php iCalendar arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; short explanation: phpICal stores language & template user preferences inside...
PHP iCalendar 2.21 - cookie Remote Code Execution
#!/usr/bin/php -q -d short_open_tag=on arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; short explanation: phpICal stores language & template user preferences...
php iCalendar <= 2.21 (Cookie) Remote Code Execution Exploit
No description provided by source. #!/usr/bin/php -q -d short_open_tag=on ? echo "php iCalendar =2.21 "cookielanguage"/"cookiestyle" remote cmmnds xctn\r\n"; echo "- arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodATautisticiDOTorg\r\n"; echo "site:...
PHP iCalendar 2.21 - 'cookie' Remote Code Execution
#!/usr/bin/php -q -d short_open_tag=on arbitrary local inclusion through cookies\r\n"; echo "by rgod rgodautisticiorg\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; short explanation: phpICal stores language & template user preferences inside cookies. These values are used to include...
Simple PHP Blog 0.4.7.1 - Remote Command Execution
#!/usr/bin/perl use IO::Socket; print "Simple PHP Blog this works with magic_quotes_gpc = Off\r\n\r\n"; short explanation: we have this code in install05.php: ... script is not deleted after installation, so, if magic_quotes_gpc = Off, you can include an arbitrary file from local resources, poc:...
wagora420_xpl.txt
W-agora 4.2.0 Remote code execution / cross site scripting poc exploit software: site: http://w-agora.net/en/index.php description: "W-Agora is a web publishing and forum software. It allows you and your visitors to store and display messages, files, share discussions and other information on you...
CVE-2003-0844
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the...
CVE-2003-0843
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding...
CVE-2003-0843
CVE-2003-0843 concerns a format-string vulnerability in mod_gzip_printf within mod_gzip (v1.3.26.1a and earlier, possibly later builds) when running in debug mode and handling HTTP requests with Accept-Encoding: gzip. A remote attacker can cause arbitrary code execution by supplying format-string...
Potential remote root in CodeBlue log scanner
TITLE: Potential remote root in CodeBlue log scanner NAME: DEMI SEX GOD FROM HELL ADV 00001 DATE: YES, PLEASE MAIL ME IF YOU ARE FEMALE send pictures CRAZY TRACKING NUMBER THAT MAKES IT LOOK LIKE I HAVE SOME MASSIVE DATABASE OF JUAREZ: 7363A64B02 Props to dme@! Information ----------- About:...