OpenX banner-edit.php File Upload PHP Code Execution

$Id: openxbanneredit.rb 9247 2010-05-08 03:07:51Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

CVE-2009-4836

Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter...

Sql injection

Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter...

CVE-2009-4836

Eval injection vulnerability in system/services/init.php in Movie PHP Script 2.0 allows remote attackers to execute arbitrary PHP code via the anticode parameter...

Code injection

lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to nowconnect.php...

PAJAX - Remote Command Execution (Metasploit)

$Id: pajaxremoteexec.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

CVE-2009-4818

Unrestricted file upload vulnerability in upload.php in PHPSimplicity Simplicity oF Upload 1.3.2 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif...

CVE-2010-1528

PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the content parameter...

CVE-2010-1153

PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable...

CVE-2010-1360

CVE-2010-1360 affects FAQEngine 4.24.00. It involves multiple PHP remote file inclusion vulnerabilities that allow an attacker to execute arbitrary PHP code by supplying a URL in the path_faqe parameter to any of 13 PHP entry points (attachs.php, backup.php, badwords.php, categories.php, changepw...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 admin/menu.php and 2 library/lib.menu.php; and the adminroot parameter to 3...

CVE-2010-1266

Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 template, 2 menu, 3 events, and 4 SITEROOT parameters to template/babyweb/index.php; the 5 modules and 6 copyright parameters to...

CVE-2009-4750

PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2010-1055

Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configforuminstalled parameter to 1 forum/adminLogin.php and 2 forum/userLogin.php...

eFront 'langname' Parameter Traversal Local File Inclusion

The version of eFront running on the remote web server is affected by a local file inclusion vulnerability due to improper sanitization of user-supplied input to the 'langname' parameter of the language.php script before using it to include PHP code. Regardless of PHP's 'registerglobals' setting,...

DEDECMS v5. 5 Final select_soft_post.php vulnerability-vulnerability warning-the black bar safety net

Author:st0p Today only from Wolves Security Team to see toby57 large cattle released"DEDECMS v5. 5 GBK Final one. vulnerability"this article,the original address:http://bbs.wolvez.org/topic/125/ Your own local testing a bit,covering the SESSION this little chicken threat is true,because the reque...

CVE-2010-0678

PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includesdirectory parameter...

Open Flash Chart/Pwiki Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ========================================================== Open Flash Chart/Pwiki Remote Code Execution Vulnerability ========================================================== Author: GoLdeN-z3r0 Title: Open Flash Chart/Pwiki Remote Code...

phpLDAPadmin < 1.2 Local File Inclusion

Binary data 5291.prm...

CVE-2009-4543

PHP remote file inclusion vulnerability in index.php in Cromosoft Technologies Facil Helpdesk 2.3 Lite allows remote attackers to execute arbitrary PHP code via a URL in the lng parameter. NOTE: this can also be leveraged to include and execute arbitrary local files via .. dot dot sequences...