EUVD-2006-0694

Malware in sbrugna...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

docMGR 1.1.2 Cross Site Scripting

------------------------------------------------------------------------ Software................docMGR 1.1.2 Vulnerability...........Reflected Cross-site Scripting Threat Level............Low 1/5 Download................http://www.docmgr.org/ Discovery Date..........5/12/2011 Tested...

DocMGR 1.1.2 - history.php Cross-Site Scripting

DocMGR 1.1.2 - history.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47861/info DocMGR is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

DocMGR 1.1.2 - &#039;history.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/47861/info DocMGR is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

Cross site request forgery (csrf)

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

CVE-2006-0687

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

CVE-2006-0687

CVE-2006-0687 concerns DocMGR 0.54.2. A flaw in process.php leaves the local variable $siteModInfo uninitialized, enabling a remote attacker to abuse a modified includeModule and siteModInfo to include arbitrary local files (and possibly remote files). The vulnerability arises from direct request...

CVE-2006-0687

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

DocMGR &lt;= 0.54.2 arbitrary remote inclusion

--------------- DocMGR = 0.54.2 arbitrary remote inclusion -------------------- software: site: http://www.docmgr.org/ description: "DocMGR is a complete, web-based Document Management System DMS. It allows for the storage of any file type, and supports full-text indexing of the most popular...

docmgr_0542_incl_xpl

--------------- DocMGR Results For "".$searchString."" "; $option = null; if defined"USELDAP" if defined"GLOBALADMIN" $option"searchbase" = LDAPBASE; else $option"searchbase" = SEARCHBASE; //create our sear...

[SA18803] DocMGR process.php File Inclusion Vulnerability

TITLE: DocMGR process.php File Inclusion Vulnerability SECUNIA ADVISORY ID: SA18803 VERIFY ADVISORY: http://secunia.com/advisories/18803/ CRITICAL: Highly critical IMPACT: Exposure of sensitive information, System access WHERE: From remote SOFTWARE: DocMGR 0.x http://secunia.com/product/8021/...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ================================================================ DocMGR works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is...

DocMGR 0.54.2 - file_exists Remote Command Execution

DocMGR 0.54.2 - fileexists Remote Command Execution works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy i...

DocMGR &lt;= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

DocMGR 0.54.2 - &#039;file_exists&#039; Remote Command Execution

works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy its victim." errorreporting0;...