23 matches found
EUVD-2008-4464
Malware in sbrugna...
EUVD-2008-4465
Malware in sbrugna...
Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability
========================================================= ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php"; $theme isn't declared, so you can include any file...
Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery = 1.32 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: Crux Gallery Version: = 1,32 File affected: admin/ Download:...
CVE-2008-4483
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter...
CVE-2008-4484
main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php...
Code injection
main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php...
Directory traversal
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter...
CVE-2008-4483
The CVE-2008-4483 vulnerability affects Crux Gallery 1.32 and earlier, where directory traversal via a .. in the theme parameter allows remote inclusion of local files when magic_quotes_gpc is disabled. Affected component: index.php. Root cause: improper handling of the theme parameter enabling l...
CVE-2008-4483
Directory traversal vulnerability in index.php in Crux Gallery 1.32 and earlier, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the theme parameter...
CVE-2008-4484
CVE-2008-4484 affects Crux Gallery 1.32 and earlier. The main.php file vulnerability allows remote attackers to gain administrative access by supplying a name parameter value of "users" (demonstrated via index.php). The NVD entry lists a public description and CVSS v2 base score of 6.8 (MEDIUM) w...
CVE-2008-4484
main.php in Crux Gallery 1.32 and earlier allows remote attackers to gain administrative access by setting the name parameter to "users," as demonstrated via index.php...
Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability
No description provided by source. +=========================================================+ +=========================================================+ ? Crux Gallery = 1.32 Local File Inclusion Vulnerability ? Discovered On: 01/10/2008 PHP.ini MagicQuotesGpc = Off...
Crux Gallery <= 1.32 (index.php theme) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ========================================================================= Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php";...
Crux Gallery 1.32 - theme Local File Inclusion
Crux Gallery 1.32 - theme Local File Inclusion +=========================================================+ +=========================================================+ ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18...
Crux Gallery 1.32 - 'theme' Local File Inclusion
+=========================================================+ +=========================================================+ ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php"; $theme isn...
cruxgallery-lfi.txt
+=========================================================+ +=========================================================+ ? Crux Gallery Osirys and darkjoker 14. $m = $GET'm'; 15. $p = $GET'p'; 16. $dir = $GET'dir'; 17. requireonce"main.php"; 18. requireonce"themes/".$theme."/theme.php"; $theme isn...
Crux Gallery <= 1.32 / Insecure Cookie Handling Vulnerability
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery = 1.32 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: Crux Gallery Version: = 1,32 File affected: admin/ Download: http://www.arzdev.com/downloads/8/Crux Fou...
Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery = 1.32 / Insecure Cookie Handling Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Program: Crux Gallery Version: = 1,32 File affected: admin/ Download:...
crux-cookie.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Crux Gallery eNYe-Sec - www.enye-sec.org Program description by the author website Bug Exploit Note: POST is not checked and you can enter all by GET. Also you can create a simple perl script to send GET and POST packages. Navigate by...