295 matches found
phpBB XS 0.58 - 'functions.php' Remote File Inclusion
Author: AzzCoder Vendor: http://www.phpbbxs.eu/ Vulnerable File: includes/functions.php Vulnerable Code: //The phpbbrootpath isn't initialize includeonce $phpbbrootpath . './includes/functionscategorieshierarchy.' . $phpEx ; Method To Use:...
CVE-2006-4456
CVE-2006-4456 affects phpECard 2.1.4 and earlier. It is a PHP remote file inclusion vulnerability in functions.php that allows an attacker to execute arbitrary PHP code by providing a URL in the include_path parameter. The NVD entry lists a base score of 7.5 (HIGH) with network access and low att...
PHPECard 2.1.4 - functions.php Remote File Inclusion
PHPECard 2.1.4 - functions.php Remote File Inclusion. phpECard functions.php Remote File Inclusion Exploit...
phpECard <= 2.1.4 (functions.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. phpECard = 2.1.4 functions.php Remote File Include Vulnerability...
phpECard <= 2.1.4 (functions.php) Remote File Include Vulnerability
No description provided by source. phpECard functions.php Remote File Inclusion Exploit. Critical Level :...
OZJournal v1.5 - XSS
OZJournal v1.5 Homepage: http://ozjournals.awardspace.com/index.php Affected files: search input box index.php viewing archives show comment page. XSS vulnerability via search input box: Data isn't properly sanitized before being displayed. For a PoC in the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in ScozNews 1.2.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFIGmainpath parameter in (1) functions.php, (2) template.php, (3) news.php, (4) help.php, (5) mail.php, (6) Admin/admincats.php, (8) Admin/adminedit.php, (9)...
ScozNews 1.2.1 - mainpath Remote File Inclusion
ScozNews 1.2.1 - mainpath Remote File Inclusion DEVIL TEAM THE BEST POLISH TEAM ScozNews v1.2.1 - Remote File Include Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl dork: "Powered By ScozNews"...
Sql injection
SQL injection vulnerability in @1 File Store 2006.03.07 allows remote attackers to execute arbitrary SQL commands via the id parameter to (1) functions.php and (2) user.php in the libs directory, (3) edit.php and (4) delete.php in control/files/, (5) edit.php and (6) delete.php in control/users/, (7) edit.php,...
CVE-2006-1104
Pixelpost
[eVuln] Teca Diary PE SQL Injection Vulnerability
New eVuln Advisory: Teca Diary PE SQL Injection Vulnerability http://evuln.com/vulns/75/summary.html --------------------Summary---------------- eVuln ID: EV0075 CVE: CVE-2006-0729 Software: Teca Diary PE Software's Web Site: http://www.teca-scripts.com Versions: 1.0 Critical Level: Moderate Type...
Sql injection
SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters...
CVE-2006-0729
SQL injection vulnerability in functions.php in Teca Diary PE 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) yy, (2) mm, and (3) dd parameters...
CVE-2006-0471
Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags...
CVE-2006-0471
CVE-2006-0471 describes a cross-site scripting (XSS) vulnerability in the bbcode function of functions.php in the My Little homepage / My Little Forum package (last modified June 2005). The flaw allows remote attackers to inject arbitrary JavaScript via a javascript: URI used in BBcode link tags,...
CVE-2006-0471
Cross-site scripting (XSS) vulnerability in the bbcode function in functions.php in my little homepage my little forum, as last modified in June 2005, allows remote attackers to inject arbitrary Javascript via a javascript URI in BBcode link tags...
Cross site scripting
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php...
CVE-2006-0346
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php...
CVE-2006-0233
Cross-site scripting (XSS) vulnerability in functions.php in microBlog 2.0 RC-10 allows remote attackers to inject arbitrary web script and HTML via a javascript: URI in a url BBcode tag...
[eVuln] microBlog BBCode XSS Vulnerability
New eVuln Advisory: microBlog BBCode XSS Vulnerability http://evuln.com/vulns/36/summary/bt/ --------------------Summary---------------- Software: microBlog Software's Web Site: http://www.stamcar.com/projekti/microblog/ Versions: 2.0 RC-10 Critical Level: Harmless Type: Cross-Site Scripting Clas...