PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 import re from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register class PUMARemoteFileIncludePOCBase: vulID = '63959' version = '1' vulDate = '2006-09-09' author = ' ' createDat...

CVE-2007-0487

The CVE-2007-0487 issue is a PHP remote file inclusion in FreeForum 0.9.0 (index.php) exploitable via the fpath parameter, allowing remote code execution. This vulnerability is associated with FreeForum 0.9.0’s index.php and the fpath parameter, and descriptions note that third-party researchers ...

PT-2007-1947 · Freeforum · Freeforum

Name of the Vulnerable Software and Affected Versions: FreeForum version 0.9.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter in the index.php file. However, this issue has been disputed by third-party researchers, stating that the...

CVE-2007-0487

PHP remote file inclusion vulnerability in index.php in FreeForum 0.9.0 allows remote attackers to execute arbitrary PHP code via a URL in the fpath parameter. NOTE: this issue has been disputed by third party researchers, stating that fpath variable is initialized before being used...

freeforum090-rfi.txt

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% FreeForum 0.9.0 =- index.php fpath Remote File Include Vulnerability Script: FreeForum Version: 0.9.0 URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&scriptid=616 Found By : BorN To K!LL %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% Bug in : index.php...

FreeForum 0.9.0 &lt;=- &#40;index.php fpath&#41; Remote File Include Vulnerability

FreeForum 0.9.0 =- index.php fpath Remote File Include Vulnerability Script: FreeForum Version: 0.9.0 URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&scriptid=616 Found By : BorN To K!LL Bug in : index.php code : include"$fpath/forum.php"; Explo!T :. ^^^^^ /index.php?fpath=SHe1L-CoD...

PUMA 1.0 RC 2 &#40;config.php&#41; Remote File Inclusion

+-------------------------------------------------------------------- + + PUMA 1.0 RC 2 config.php Remote File Inclusion + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/415/org/PUMA1.0RC2config.phpRFI.htm + +-------------------------------------------------------------------- + +...

PUMA <= 1.0 RC 2 (config.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications =============================================================== PUMA Declare $fpath! + - Deny direct access to config.php + - or modify code: + + if!isset$REQUEST'fpath' && !isset$GET'fpath' && !isset$POST'fpath' + //code of org. config.ph...