EUVD-2006-3611

Malware in sbrugna...

EUVD-2007-1480

Malware in sbrugna...

Remote file inclusion

PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook before 1.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to admin.php, probably due to a dynamic variable evaluation vulnerability...

CVE-2007-1486

PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook before 1.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to admin.php, probably due to a dynamic variable evaluation vulnerability...

CVE-2007-1486

CVE-2007-1486 describes a PHP remote file inclusion in Carbonize Lazarus Guestbook prior to version 1.7.3. The vulnerability is triggered in template.class.php when processing include_path in admin.php, due to a dynamic variable evaluation vulnerability, allowing an attacker to execute arbitrary ...

Lazarus Guestbook (admin.php)Remote File Include Expliot

Lazarus Guestbook admin.phpRemote File Include Expliot D.Script: http://www.carbonize.co.uk Dork: "Powered by Lazarus Guestbook from carbonize.co.uk" Discovered by Crackman Homepage: http://www.b0rizq.biz Greetz To :B0rizq & redcasper & Draknaz kaiba & brokenproxy and all freind Exploit:...

CVE-2006-3616

CVE-2006-3616 : The provided records indicate multiple cross-site scripting (XSS) vulnerabilities in Carbonize Lazarus Guestbook 1.6 and earlier. The issues allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in codes-english.php and (2) the img parameter in p...