7 matches found
PHPBB2 Page_Header.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6888/info A SQL injection vulnerability has been reported in phpBB2. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries. As a result, attackers may supply...
Traidnt up 2.0 (report.php trtext) Blind SQL Injection Vulnerability
Traidnt up is a php online upload script assignmessage,charset$errors."انتظر سوف يتم تحويلك للملف مرة أخري".""; $traidnt-display"message.tpl"; else $ip = getenv'REMOTEADDR'; $reportquery = $db-query" INSERT INTO report reportkey ,reportwhy ,reportip VALUES '$fileid', '$trtext', '$ip';";...
PHP 5.4/5.3弃用函数eregi() memory_limit绕过漏洞
PHP 是一种HTML内嵌式的语言,PHP与微软的ASP颇有几分相似,都是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,现在被很多的网站编程人员广泛的运用。 PHP 5.3之后版本弃用了基于POSIX正则表达式的函数,在5.4.0版本中,仍然使用这些函数,导致了绕过memorylimit,通过eregi耗尽内存。 0 PHP 5.4.0 厂商补丁: PHP --- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.php.net PoC: 127 cat sym.php ?php...
WAP-Motor 18.0 File Inclusion
=============================================================== Wap-motor Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered By : Inj3ct0r + Site : Inj3ct0r.com + support e-mail :...
picoflatcms060-lfi.txt
PicoFlatCMS 0.6.0 LFI http://www.sourceforge.net/projects/picoflatcms Same old thing: http://site/index.php?pagina=C:\boot.ini Fixme: if eregi"://", $pagina || eregi"?", $pagina $pagina = ""; include "notfound.php"; else include $pagina;...
psnews-lfi.txt
o bug /". . . . .-' -...-'/ o o , . o -...--".\ vuln.: PsNews 1.1 show.php newspath Local File Inclusion author: [email protected] download: http://www.strefaphp.net/index.php?page=download&what=download&fid=12 dork: "Powered by PsNews" ; /news/show.php: ... iferegi"://", $newspath die"Nieautoryzowa...
CVE-2006-3013
Interpretation conflict in resetpw.php in phpBannerExchange before 2.0 Update 6 allows remote attackers to execute arbitrary SQL commands via an email parameter containing a null %00 character after a valid e-mail address, which passes the validation check in the eregi PHP command. NOTE: it could...