EUVD-2006-0694

Malware in sbrugna...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

docMGR 1.1.2 Cross Site Scripting

------------------------------------------------------------------------ Software................docMGR 1.1.2 Vulnerability...........Reflected Cross-site Scripting Threat Level............Low 1/5 Download................http://www.docmgr.org/ Discovery Date..........5/12/2011 Tested...

DocMGR 1.1.2 - &#039;history.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/47861/info DocMGR is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...

DocMGR 1.1.2 - history.php Cross-Site Scripting

DocMGR 1.1.2 - history.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47861/info DocMGR is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Cross site request forgery (csrf)

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

CVE-2006-0687

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

CVE-2006-0687

CVE-2006-0687 concerns DocMGR 0.54.2. A flaw in process.php leaves the local variable $siteModInfo uninitialized, enabling a remote attacker to abuse a modified includeModule and siteModInfo to include arbitrary local files (and possibly remote files). The vulnerability arises from direct request...

CVE-2006-0687

process.php in DocMGR 0.54.2 does not initialize the $siteModInfo variable when a direct request is made, which allows remote attackers to include arbitrary local files or possibly remote files via a modified includeModule and siteModInfo variable...

DocMGR &lt;= 0.54.2 arbitrary remote inclusion

--------------- DocMGR = 0.54.2 arbitrary remote inclusion -------------------- software: site: http://www.docmgr.org/ description: "DocMGR is a complete, web-based Document Management System DMS. It allows for the storage of any file type, and supports full-text indexing of the most popular...

docmgr_0542_incl_xpl

--------------- DocMGR Results For "".$searchString."" "; $option = null; if defined"USELDAP" if defined"GLOBALADMIN" $option"searchbase" = LDAPBASE; else $option"searchbase" = SEARCHBASE; //create our sear...

[SA18803] DocMGR process.php File Inclusion Vulnerability

TITLE: DocMGR process.php File Inclusion Vulnerability SECUNIA ADVISORY ID: SA18803 VERIFY ADVISORY: http://secunia.com/advisories/18803/ CRITICAL: Highly critical IMPACT: Exposure of sensitive information, System access WHERE: From remote SOFTWARE: DocMGR 0.x http://secunia.com/product/8021/...

DocMGR &lt;= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

DocMGR 0.54.2 - file_exists Remote Command Execution

DocMGR 0.54.2 - fileexists Remote Command Execution works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy i...

DocMGR 0.54.2 - &#039;file_exists&#039; Remote Command Execution

works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is like the well-timed swoop of a falcon which enables it to strike and destroy its victim." errorreporting0;...

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

Exploit for unknown platform in category web applications ================================================================ DocMGR works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "The quality of decision is...