38 matches found
EUVD-2008-1862
Malware in sbrugna...
EUVD-2006-4532
Malware in sbrugna...
EUVD-2008-1861
Malware in sbrugna...
exbb <= 0.22 (lfi/rfi) Multiple Vulnerabilities
No description provided by source. ==================================================================================================== / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / /...
ExBB Italiano <= 0.2 exbb[home_path] Remote File Include Vulnerability
No description provided by source...
ExBB 1.9.1 Home_Path Parameter Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19787/info ExBB is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...
CVE-2008-1862
ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...
CVE-2008-1861
Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...
Remote file inclusion
ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...
Directory traversal
Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...
CVE-2008-1861
CVE-2008-1861 affects ExBB Italia version 0.22 and earlier. A directory traversal flaw in modules/threadstop/threadstop.php allows remote attackers to include and execute arbitrary local files via a .. in the exbb[default_lang] parameter when register_globals is enabled and magic_quotes_gpc is di...
CVE-2008-1862
ExBB Italia 0.22 and earlier only checks GET requests that use the QUERYSTRING for certain path manipulations, which allows remote attackers to bypass this check via 1 POST or 2 COOKIE variables, a different vector than CVE-2006-4488. NOTE: this can be leveraged to conduct PHP remote file inclusi...
CVE-2008-1861
Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when registerglobals is enabled and magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the exbbdefaultlang parameter...
CVE-2008-1862
ExBB Italia 0.22 and earlier are affected by PHP remote file inclusion vulnerabilities. The CVE-2008-1862 family describes checks on GET requests via QUERY_STRING that can be bypassed using POST or COOKIE variables, enabling RFI through URLs in the exbb[home_path] or new_exbb[home_path] parameter...
ExBB <= 0.22 (LFI/RFI) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications ====================================================== ExBB | |||| /| / / ==================================================================================================== This is a public Exploit...
ExBB 0.22 - LocalRemote File Inclusion
ExBB 0.22 - LocalRemote File Inclusion ==================================================================================================== / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ==================================================================================================== This is a...
ExBB <= 0.22 (LFI/RFI) Multiple Remote Vulnerabilities
No description provided by source. ==================================================================================================== / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / /...
ExBB 0.22 - Local/Remote File Inclusion
==================================================================================================== / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / ==================================================================================================== This is a public Exploit...
ExBB Italia userstop.php远程文件包含漏洞
ExBB Italia是一款意大利语的论坛程序。 ExBB Italia在处理用户请求时存在输入验证漏洞,远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 ExBB Italia的modules/userstop/userstop.php脚本没有正确验证exbbhomepath参数的输入: include$exbb'homepath'.'modules/userstop/data/userstopconf.php';...
ExBB_ITA_v2.txt
ExBB Italiano Patched! Thanks to Flippo. "; Exploits - http://localhost/forum/modules/threadstop/threadstop.php?newexbbhomepath=phpcmdpath - http://localhost/forum/modules/userstop/userstop.php?exbbhomepath=phpcmdpath -...