Lucene search
K

61 matches found

OSV
OSV
added 2019/06/18 12:15 a.m.11 views

CVE-2019-12868

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

7.2CVSS7.3AI score
Exploits0References2
Prion
Prion
added 2019/06/18 12:15 a.m.13 views

Deserialization of untrusted data

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

6.5CVSS7.2AI score0.03434EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/06/17 12:0 a.m.18 views

CVE-2019-12868

app/Model/Server.php in MISP 2.4.109 allows remote command execution by a super administrator because the PHP fileexists function is used with user-controlled entries, and phar:// URLs trigger deserialization...

7.3AI score0.03434EPSS
Exploits0References2
CVE
CVE
added 2019/06/17 12:0 a.m.52 views

CVE-2019-12868

CVE-2019-12868 (MISP 2.4.109) is a remote command execution vulnerability in the PHP component at app/Model/Server.php . The root cause is the use of PHP’s file_exists with user-controlled entries combined with phar:// URLs, which can trigger deserialization and allow a super administrator to exe...

7.2CVSS7.2AI score0.03434EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2017/07/05 12:0 a.m.51 views

PDNS Manager Remote Command Execution

Advisory: Remote Command Execution in PDNS Manager RedTeam Pentesting discovered that PDNS Manager is vulnerable to a remote command execution vulnerability, if for any reason the configuration file config/config-user.php does not exist. Details ======= Product: PDNS Manager Affected Versions: Gi...

0.5AI score
Exploits0
seebug.org
seebug.org
added 2016/11/04 12:0 a.m.24 views

CmsEasy front Desk arbitrary code execution vulnerability

Source link: https://xianzhi.aliyun.com/forum/read/215.html 在补丁页面http://www.cmseasy.cn/patch/show1116.html下载补丁CmsEasyforUploads20161012.zip Modified files no more 通过diff发现补丁中lib/default/toolact.php 392 row cutimageactionfunction is commented out Take a look at this function php /function...

6.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2015/10/30 10:7 a.m.30 views

CVE-2006-4481

The 1 fileexists and 2 imapreopen functions in PHP before 5.1.5 do not check for the safemode and openbasedir settings, which allows local users to bypass the settings. NOTE: the errorlog function is covered by CVE-2006-3011, and the imapopen function is covered by CVE-2006-1017...

9.3CVSS7.1AI score0.03032EPSS
Exploits2References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

DocMGR <= 0.54.2 (file_exists) Remote Commands Execution Exploit

No description provided by source. ?php ---docmgr0542inclxpl.php 0.30 12/02/2006 DocMGR = 0.54.2 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5, with shortopentag = On and registerglobals = On usage: launch from Apache, fill in requested...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Ignition 1.3 (page.php) Local File Inclusion Vulnerability

No description provided by source. Ignition 1.3 page Local File Inclusion Vulnerability disclosed by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz note: 1. Magicquotesgpc should be turned off in order to exploit this vulnerability 2. LFI bugs found by m...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/02/09 12:0 a.m.12 views

Easytalk任意文件包含漏洞

简要描述: 过滤不严。 详细说明: 在appaction.class.php中 public function index parent::tologin; $appname=trim$this-get'appname'; $action=$this-get'action';//直接调用方法 $out=urldecode$GET'out'; //是否开启应用 $app=M'Plugins'-where"directory='$appname' AND available=1"-find; $this-assign'app',$app; if !$app...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/09/30 8:30 p.m.6 views

php: paths with NULL character were considered valid

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the fileexists function...

5CVSS6.9AI score0.05363EPSS
Exploits2References4
seebug.org
seebug.org
added 2013/04/23 12:0 a.m.286 views

ecshop最新2.7.3版本后台本地包含漏洞

简要描述: ecshop最新2.7.3版本后台本地包含漏洞 详细说明: admin/integrate.php文件,110行 $code = empty$GET'code' ? '' : trim$GET'code'; if empty$code || fileexistsROOTPATH . DATADIR . '/integrate' . $code . 'log.php' sysmsg$LANG'lostintalllog', 1; includeROOTPATH . DATADIR . '/integrate' . $code . 'log.php'; 1. $code 未过滤 ...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2013/02/22 12:0 a.m.26 views

Piwigo任意文件泄露和任意文件删除漏洞

BUGTRAQ ID: 58016 Piwigo是用PHP编写的相册脚本。 Piwigo 2.4.6及其他版本没有正确验证install.php脚本的 'dl'参数值,在实现上存在安全漏洞,攻击者可利用这些漏洞查看受影响计算机上的任意文件,删除受影响应用上下文内的任意文件。 0 Piwigo Piwigo 2.4.6 厂商补丁: Piwigo ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://piwigo.org/bugs/view.php?id=2843...

6.9AI score
Exploits0
CVE
CVE
added 2011/01/18 7:0 p.m.228 views

CVE-2006-7243

PHP before 5.3.4 accepts a NUL (\0) in a pathname, enabling context-dependent bypass of access restrictions (example: .php\0.jpg) via file_exists; remediation involves upgrading to a fixed PHP version (5.3.4+; later advisories note 5.4.41+/5.5.x+/5.6.x fixes). The CVE-2015-4025/4026 entries ackno...

5CVSS7.4AI score0.05363EPSS
Exploits2References26Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/18 12:0 a.m.66 views

CVE-2006-7243

PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the fileexists function...

5CVSS7AI score0.05363EPSS
Exploits2References3
Packet Storm
Packet Storm
added 2010/05/14 12:0 a.m.29 views

Joomla Seber Cart 1.0.0.1x Local File Disclosure

========================================================================================================= o Joomla Component Seber Cart Local File Disclosure Vulnerability Software : comsebercart version 1.0.0.1x Vendor : http://www.seber.com.au/ Author : AntiSecurity NoGe Vrs-hCk OoNBoY Paman zx...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2010/05/14 12:0 a.m.27 views

Joomla Component Seber Cart (getPic.php) Local File Disclosure Vulnerability

No description provided by source. ========================================================================================================= o Joomla Component Seber Cart Local File Disclosure Vulnerability Software : comsebercart version 1.0.0.1x Vendor : http://www.seber.com.au/ Author :...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/07/14 12:0 a.m.12 views

CodeDB 1.1.1 - list.php Local File Inclusion

CodeDB 1.1.1 - list.php Local File Inclusion Name : CodeDB list.php lang Local File Inclusion Vulnerability Author : cOndemned Greetz : ZaBeaTy, str0ke, irk4z, GregStar, doctor, Adish, Avantura ; Source : // list.php 2. $lang = htmlspecialchars$GET'lang'; // ok, but.... for what ? lol 7...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/20 12:0 a.m.39 views

FireAnt 1.3 - &#039;index.php&#039; Local File Inclusion

Name : FireAnt v1.3 Local File Inclusion Vulnerability Author : cOndemned Dork : use Your brain : Greetz : ZaBeaTy, str0ke, GregStar, irk4z, Sandtalker & Avantura ; Source : // index.php 8. $page = "buglist"; //default page 9. if !empty$GET'page' 10. $page = striptags$GET'page'; 99. if...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/06/20 12:0 a.m.64 views

FireAnt 1.3 (index.php page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications =============================================================== FireAnt 1.3 index.php page Local File Inclusion Vulnerability =============================================================== Name : FireAnt v1.3 Local File Inclusion...

7.1AI score
Exploits0
Rows per page
Query Builder