PHP IRC Bot pbot - 'eval()' Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'PHP IRC Bot pbot eval Remote Code...

PHP IRC Bot pbot eval() Remote Code Execution

This module allows remote command execution on the PHP IRC bot pbot by abusing the usage of eval in the implementation of the .php command. In order to work, the data to connect to the IRC server and channel where find pbot must be provided. The module has been successfully tested on the version ...

Eaton Network Shutdown Module view_list.php paneStatusListSortBy Parameter eval() Call Remote PHP Code Execution

The version of the Eaton Network Shutdown Module hosted on the remote web server does not sanitize user input to the 'paneStatusListSortBy' parameter of the 'viewlist.php' script before using it as part of a command to be executed via PHP's 'eval' function. An unauthenticated, remote attacker can...

Discuz! X2. 5 latest GetShell0day detailed use-vulnerability warning-the black bar safety net

I heard that Discuz! This time and out of vulnerability, this was a GetShell vulnerabilities. This exploit is relatively new, it should be a lot of stations haven't updated it. Affects versions: 2 0 1 2 0 4 0 7, beta, rc Discuz! X2. 5 Release 2 0 1 2 0 4 0 7 edition in pregreplace using the e...

Active Collab "chat module" Remote PHP Code Injection Exploit

This module exploits an arbitrary code injection vulnerability in the chat module that is part of Active Collab versions 2.3.8 and earlier by abusing a pregreplace using the /e modifier and its replacement string using double quotes. The vulnerable function can be found in...

CVE-2012-2414

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...

DEBIAN-CVE-2012-2414

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to...

MySQLDumper 1.24.4 - 'menu.php' PHP Remote Code Execution

source: https://www.securityfocus.com/bid/53310/info MySQLDumper is prone to a vulnerability that lets remote attackers execute arbitrary code because the application fails to sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary PHP code within the context of the...

VulnCheck KEV: CVE-2011-10033

The WordPress plugin is-human = v1.4.2 contains an eval injection vulnerability in /is-human/engine.php that can be triggered via the 'type' parameter when the 'action' parameter is set to 'log-reset'. The root cause is unsafe use of eval on user-controlled input, which can lead to execution...

LotusCMS 3.0 eval() Remote Command Execution

This module exploits a vulnerability found in Lotus CMS 3.0's Router function. This is done by embedding PHP code in the 'page' parameter, which will be passed to a eval call, therefore allowing remote code execution. The module can either automatically pick up a 'page' parameter from the default...

phpcms-exp 0day-vulnerability warning-the black bar safety net

Reprinted from dis9.com ---------------------- ? php errorreportingEERROR; settimelimit0; $keyword=’inurl:about/joinus’ ; // batch keywords $timeout = 1; $stratpage = 1; $lastpage = 1 0 0 0 0 0 0 0; for $i=$stratpage ; $i=$lastpage ; $i++ $array=ReadBaiduList$keyword,$timeout,$i; foreach $array a...

Sql injection

Eval injection vulnerability in zp-core/zp-extensions/viewersizeimage.php in ZENphoto 1.4.2, when the viewersizeimage plugin is enabled, allows remote attackers to execute arbitrary PHP code via the viewersizeimagesaved cookie...

CVE-2012-0993

CVE-2012-0993 concerns Zenphoto 1.4.2. The vulnerability is an eval() code-injection in zp-core/zp-extensions/viewer_size_image.php, triggered when the viewer_size_image_saved cookie is not sanitized and the viewer_size_image plugin is enabled. An attacker can craft the cookie to execute arbitrar...

glibc: insufficient quoting in the locale command output

locale/programs/locale.c in locale in the GNU C Library aka glibc or libc6 before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function...

CVE-2011-3832

Eval injection vulnerability in config.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated administrators to execute arbitrary PHP code via the applicationname parameter in a save action...

Design/Logic Flaw

Eval injection vulnerability in config.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated administrators to execute arbitrary PHP code via the applicationname parameter in a save action...

CVE-2011-3832

SiT! (Support Incident Tracker) 3.65 is affected by an eval/code-injection vulnerability in config.php. The issue allows remote authenticated administrators to execute arbitrary PHP code via the application_name parameter during a save action, due to the use of an eval-like construct in evaluatin...

perl security vulnerabilities

It's possible to inject eval expression into digest module constructor. Off-by-one overflow in decodexs...

Mandriva Update for perl MDVSA-2012:009 (perl)

Check for the Version of perl OpenVAS Vulnerability Test Mandriva Update for perl MDVSA-2012:009 perl Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Mandriva Update for perl MDVSA-2012:008 (perl)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...