8 matches found
Remote file inclusion
PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PFtopurl parameter...
Design/Logic Flaw
Aztek Forum 4.00 allows remote attackers to obtain sensitive information via a direct request to forum.php with the fid=XD query string, which reveals the path in an error message...
CVE-2007-0596
PHP remote file inclusion vulnerability in index/main.php in Aztek Forum 4.00 allows remote authenticated administrators to execute arbitrary PHP code via a URL in the PFtopurl parameter...
Double free
common/safety.php in Aztek Forum 4.00 allows remote attackers to enter certain data containing %22 sequences URL encoded double quotes and other potentially dangerous manipulations by sending a cookie, which bypasses the blacklist matching against the GET and PUT superglobal arrays...
CVE-2007-0598
The CVE-2007-0598 issue affects Aztek Forum 4.00, specifically the forum/load.php component. The vulnerability arises from improper handling of the fid cookie by forum.php, enabling remote attackers to inject and execute arbitrary SQL commands via the cookie value. The NVD entry notes a high seve...
CVE-2007-0596
CVE-2007-0596 affects Aztek Forum 4.00. The vulnerability is a PHP remote file inclusion in index/main.php, exploitable via a URL in the PF[top_url] parameter. It can allow remote authenticated administrators to execute arbitrary PHP code. The connected documents provide no explicit remediation o...
Aztek Forum 4.00 (myadmin.php) User Privilege Escalation Exploit
No description provided by source. !/usr/bin/perl use IO::Socket; Aztek Forum 4.00 Change User Rights Remote Exploit only if the magicquote are : OFF Hum hum , sorry for my bad english i'm french ; Note : Before using this exploit you must create a count on the board : And this count will receive...
Aztek Forum 4.00 (myadmin.php) User Privilege Escalation Exploit
Exploit for unknown platform in category web applications ================================================================ Aztek Forum 4.00 myadmin.php User Privilege Escalation Exploit ================================================================ !/usr/bin/perl use IO::Socket; Aztek Forum 4.0...