MiracleLinux 3 : php-5.1.6-45.0.1.AXS3 (AXSA:2014-794:03)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-794:03 advisory. Description : PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing...

Duplicator Pro 1.3.14 Local Information Disclosure

Product: Duplicator Pro Vendor: SnapCreek Website: https://snapcreek.com/ Discovered by: Evolution Hosting Version vulnerable: = 1.3.14 Fixed in: 1.3.15+ Vulnerability Type: Information Disclosure, local exposure of entire webinstallation content remotely triggerable: not for itself. Needs wp adm...

SOCA Access Control System 180612 - SQL Injection Vulnerability

Exploit for php platform in category web applications SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity...

Time And Expense Management System 3.0 SQL Injection

Exploit Title: Time and Expense Management System 3.0 - 'table' SQL Injection Dork: N/A Date: 2018-10-17 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.initechs.com/ Software Link: http://sourceforge.net/projects/tems/files/latest Version: 3.0 Category: Webapps Tested on:...

UBUNTU-CVE-2018-17082

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the phphandler function in sapi/apache2handler/sapiapache2.c...

OV3 Online Administration 3.0 Parameter Traversal Arbitrary File Access

Summary With the decision to use the OV3 as a platform for your data management, the course is set for scalable, flexible and high-performance applications. Whether you use the OV3 for your internal data management or use it for commercial business applications such as shops, portals, etc. Thanks...

ATutor 2.2.1 Directory Traversal / Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'ATutor 2.2.1 Directory Traversal / Remote Code Execution', 'Description' = %q This module exploits a directory traversal...

Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting Cross-Site Request Forgery

Joomla! Component Realtyna RPL 8.9.2 - Persistent Cross-Site Scripting Cross-Site Request Forgery Realtyna RPL 8.9.2 Joomla Extension Persistent XSS And CSRF Vulnerabilities Vendor: Realtyna LLC Product web page: https://www.realtyna.com Affected version: 8.9.2 Summary: Realtyna CRM Client...

MyBB 1.8.x - Multiple Vulnerabilities

MyBB 1.8.x - Multiple Vulnerabilities Title: MyBB 1.8.X - Multiple Vulnerabilities Date: 13.11.2014 Tested on: Linux / Apache 2.2 / PHP 5 localhost Vendor: mybb.com Version: = 1.8.1 - Latest ATM Contact: [email protected] Author: Smash Latest MyBB forum software suffers on multiple...

HP-UX Update for Apache PHP HPSBUX00207

Check for the Version of Apache PHP OpenVAS Vulnerability Test HP-UX Update for Apache PHP HPSBUX00207 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

HP-UX Update for Apache PHP HPSBUX00207

Check for the Version of Apache PHP OpenVAS Vulnerability Test HP-UX Update for Apache PHP HPSBUX00207 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CuteNews 1.4.0 - Shell Injection Remote Command Execution

CuteNews 1.4.0 - Shell Injection Remote Command Execution ?php cutenxpl.php CuteNews 1.4.0possibly prior versions remote code execution by rgod site: http://rgod.altervista.org usage: launch form Apache, fill in requested fields, then go! make these changes in php.ini if you have troubles with th...

Debian DSA-073-1 : imp - 3 remote exploits

The Horde team released version 2.2.6 of IMP a web-based IMAP mail program which fixes three security problems. Their release announcement describes them as follows : - A PHPLIB vulnerability allowed an attacker to provide a value for the array element $PHPLIBlibdir, and thus to get scripts from...

killmod-0.69.lsm

killmod-0.69 killmod.php3 is a php front end that calls a simple shell script killmod.sh and allows you to use the +++ath0 bug to hang up older modems. ------------------------------------------------------------------------------------------------ killmod-0.69.tar.gz contains: --- README...