PHP-Barcode 0.3pl1 Remote Code Execution

No description provided by source. PHP-Barcode 0.3pl1 Remote Code Execution The input passed to the code parameter is not sanitized and is used on a popen function. This allows remote command execution and also allows to see environment vars: Windows...

PT-2006-4419 · Invision · Invision Power Board

Name of the Vulnerable Software and Affected Versions: Invision Power Board version 1.3 Final Description: The issue concerns SQL injection vulnerabilities that could allow remote attackers to execute arbitrary SQL commands. This is allegedly possible via the CODE parameter in certain actions in...