8 matches found
BASE base_qry_common Remote File Include
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/projects/Framework/ require 'msf/core' class Metasploit3 'BASE...
BASE base_qry_common Remote File Include
This module exploits a remote file inclusion vulnerability in the baseqrycommon.php file in BASE 1.2.4 and earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BASE baseqrycommon Remote Fil...
BASE 1.2.4 - base_qry_common.php Remote File Inclusion (Metasploit)
BASE 1.2.4 - baseqrycommon.php Remote File Inclusion Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2006-2685
creationtimestamp| type| source ---|---|--- 2008-06-14 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9908 2010-11-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16897 2018-05-29 15:50:33+00:00| seen|...
BASE base_qry_common.php file include
Added: 06/23/2006 CVE: CVE-2006-2685 BID: 18298 OSVDB: 25770 Background Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine BASE is a web interface for analyzing Snort results. Problem If the registerglobals PHP option is enabled, the baseqrycommon.php scrip...
BASE base_qry_common.php file include
Added: 06/23/2006 CVE: CVE-2006-2685 BID: 18298 OSVDB: 25770 Background Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine BASE is a web interface for analyzing Snort results. Problem If the registerglobals PHP option is enabled, the baseqrycommon.php scrip...
CVE-2006-2685
PHP remote file inclusion vulnerability in Basic Analysis and Security Engine BASE 1.2.4 and earlier, with registerglobals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASEpath parameter to 1 baseqrycommon.php, 2 basestatcommon.php, and 3...
CVE-2006-2685
CVE-2006-2685 affects BASE 1.2.4 and earlier. When PHP register_globals is enabled, the base_qry_common.php script accepts a BASE_path parameter that can include arbitrary files, enabling remote PHP code execution via (1) base_qry_common.php, (2) base_stat_common.php, or (3) includes/base_include...