CVE-2011-3597

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...

CVE-2011-3597

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...

ImpressPages CMS 1.0.12 Code Execution

======= Summary ======= Name: Remote code execution in ImpressPages CMS Release Date: 5 January 2012 Reference: NGS00109 Discoverer: David Middlehurst Vendor: ImpressPages Vendor Reference: Systems Affected: ImpressPages CMS 1.0.12 Risk: High Status: Published ======== TimeLine ======== Discovere...

Perl Digest improper control of generation of code

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...

phpcms 2 0 0 8 product.php the pagesize parameter code injection vulnerability-vulnerability warning-the black bar safety net

SSV-Appdir: phpcms Published: 2011-10-12 Affected version: phpcms 2 0 0 8 Vulnerability description: phpcms 2 0 0 8 of the code due to the template parameter improper handling can lead to arbitrary execution of arbitrary code file. The specific code triggering the path is this: phpcms/yp/product...

Perl Digest improper control of generation of code

Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor...

PHP Support Tickets 2.2 Code Execution

Exploit Title: PHP Support Tickets v2.2 Code Exec Google Dork: "PHP Support Tickets v2.2" Date: 26.09.2010 Author: brainpillow Software Link: http://www.phpsupporttickets.com/ Version: 2.2 ==================================================================== Vuln. code: /classes/GUI/abstract.GUI.p...

PHP Support Tickets 2.2 - Code Execution

Exploit Title: PHP Support Tickets v2.2 Code Exec Google Dork: "PHP Support Tickets v2.2" Date: 26.09.2010 Author: brainpillow Software Link: http://www.phpsupporttickets.com/ Version: 2.2 ==================================================================== Vuln. code: /classes/GUI/abstract.GUI.p...

Phpaa Cms admin backend to get Shell – 0day-vulnerability warning-the black bar safety net

Edit Site Settings in the site name Content: 1 2 3" ;?& gt;? php eval$POSTc?& gt;; And then the word links: data/website.inc.php eval$POSTc...

CVE-2011-1760

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...

Design/Logic Flaw

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...

CVE-2011-1760

CVE-2011-1760 affects utils/opcontrol in OProfile 0.9.6 and earlier. The root cause is an eval injection possibility via shell metacharacters in the -e argument, enabling local users to gain privileges. Reports in connected documents confirm impact on affected distributions (e.g., EulerOS advisor...

CVE-2011-1760

utils/opcontrol in OProfile 0.9.6 and earlier might allow local users to conduct eval injection attacks and gain privileges via shell metacharacters in the -e argument...

PHP168 arbitrary code execution GET SHELL vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: PHP168 whole Station is the PHP field of the current most powerful build system, The code is all open source, can be extremely convenient for secondary development, all modules can be freely installed and removed, the individual user is completely free to use. PHP168 V6...

WordPress plugin Is-human remote command execution vulnerability-vulnerability warning-the black bar safety net

The Is-human wordpress a comment validation plugin. Today in the inj3ct0r saw this plugin vulnerability exp: server/wp-content/plugins/is-human/engine. php? action=log-reset&type=ihoptions;passthruwhoami;error Wherein the passthruwhoamihere you can perform any command, such as ls, uname, etc. But...

PHP168 V6. 0 2 vulnerability-vulnerability warning-the black bar safety net

PHP168 V6. 0 2 vulnerability 0day details Brief description: PHP168 in some function using the eval function,but an array is not the first test of the,the result can be submitted to arbitrary code execution. Detailed description: ----------------------------- Registration. I don't know Brother,...

WordPress Plugin Is-human 1.4.2 - Remote Command Execution

WordPress Plugin Is-human 1.4.2 - Remote Command Execution Exploit Title: is-human 1.4.2 and prior Worpdress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exist...

WordPress Plugin Is-human 1.4.2 - Remote Command Execution

Exploit Title: is-human 1.4.2 and prior Worpdress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exists in /is-human/engine.php . It is possible to take control ...

WordPress Is-Human Plugin - Remote Command Execution Vulnerability

The vulnerability exists in /is-human/engine.php. It takes control of the eval function via the "type" parameter, when the "action" is set to log-reset. Solution Point the $ishum-get array variable into $ishum-getih and point it to php stored function errorlog if you want to close the execution...

Is-Human 1.4.2 WordPress Plugin Command Execution

Exploit Title: is-human 1.4.2 and prior Worpdress plugin. Date: 16.05.2011 Author: neworder www.neworder-ind.net Software Link: http://wordpress.org/extend/plugins/is-human/ Version: 1.4.2 Tested on: Linux Platform The vulnerability exists in /is-human/engine.php . It is possible to take control ...