82 matches found
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Thierry Leriche Restaurant Management System ReMaSys 0.5 allow remote attackers to execute arbitrary PHP code via a URL in 1 the DIRROOT parameter to a global.php, or the 2 DIRPAGE parameter to b template/fr/page.php or c...
Php168 v 4.0 sp global.php 写入漏洞
在global.php中有这样的代码: function loginlogs$username,$password global $timestamp,$onlineip; $logdb="$username\t$password\t$timestamp\t$onlineip"; @includePHP168PATH."cache/adminloginlogs.php"; $writefile="$value $jj++; $writefile.="\$logdb=\"$value\";"; if$jj200 break;...
sunshop v4 >> RFI
vendor : turnkeywebtools.com by : s3rv3rhack3r [email protected] bugz: ++++++++++++++++++++ include/payment/payflowpro.php include $abspath."/include/payment/payflowpro/pfpro.class.php"; ++++++++++++++++++++ global.php requireonce $abspath."/libsecure.php"; ++++++++++++++++++++ libsecure.php inclu...
PNews Global.PHP远程文件包含漏洞
PNews是一款基于PHP的新闻管理程序。 PNews不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Global.PHP'脚本对用户提交的'nbs'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 pNews Systems pNews 1.1 http://sourceforge.net/projects/phpnews-system/ http://www.example.com/includes/global.php?nbs=shell?...
Cwfm <= 0.9.1 (Language) Remote File Inclusion Vulnerability
No description provided by source. +-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...
PHP Live Helper <= 2.0 (abs_path) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV43$2006 ------------------------------------------------------------------------------ ECHOADV43$2006 PHP Live Helper = 2.0 abspath Remote File Inclusion...
administr8.txt
=================================================================================================== + = + Administr8 = 0.3b Remot File Include Vulnerability = + = + = + = +Affected Script: Administr8 = 0.3b = + = +Author: Kelli Shaver = + = +website : http://www.kellishaver.com/ = + = +Release...
CVE-2006-5104
SQL injection vulnerability in global.php in Jelsoft vBulletin 2.x allows remote attackers to execute arbitrary SQL commands via the templatesused parameter...
Vbulletin-2.x.txt
Hello,, Vbulletin 2.X sql injection Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] This is sql injection in vbulletin systems the injection is in the global.php file we can use it global.php?templatesused=/ the query will be...
CVE-2006-5104
The CVE-2006-5104 entry concerns Jelsoft vBulletin 2.x, where a SQL injection vulnerability exists in the global.php handling of the templatesused parameter. The underlying issue allows remote attackers to craft input that leads to arbitrary SQL execution, as reported in multiple sources (NVD ent...
PNewsv1.1.0.txt
PNews v1.1.0 nbs Remote File Inclusion Affected Software..:PNews v1.1.0 download...:http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact ...........: CvIr.Systematgmail.com Affected...
Vbulletin 2.X sql injection
Hello,, Vbulletin 2.X sql injection Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] This is sql injection in vbulletin systems the injection is in the global.php file we can use it global.php?templatesused=/ the query will be...
PNews v1.1.0 (nbs) Remote File Inclusion
PNews v1.1.0 nbs Remote File Inclusion Affected Software..:PNews v1.1.0 download...:http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact ...........: CvIr.Systematgmail.com Affected...
pNews 1.1.0 - 'nbs' Remote File Inclusion
PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews v1.1.0 Download..: http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact ...........: CvIr.Systematgmail.com...
pNews 1.1.0 - nbs Remote File Inclusion
pNews 1.1.0 - nbs Remote File Inclusion PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews v1.1.0 Download..: http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System...
pNews <= 1.1.0 (nbs) Remote File Include Vulnerability
No description provided by source. PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews v1.1.0 Download..: http://sourceforge.net/project/showfiles.php?groupid=35550 Class .............: Remote File Inclusion Risk ..............: high Found by ..........: CvIr.System Contact...
pNews <= 1.1.0 (nbs) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ====================================================== pNews = 1.1.0 nbs Remote File Include Vulnerability ====================================================== PowerNews v1.1.0 nbs Remote File Inclusion Affected Software .: PowerNews...
CVE-2006-4707
CVE-2006-4707 is an XSS vulnerability in MyBB 1.1.7, exploitable through the Admin CP login form (admin/global.php) by supplying malicious input in the query string ($_SERVER[PHP_SELF]). The NVD record notes a CVSS v2 base score of 6.8 (Medium) with impacts to confidentiality, integrity, and avai...
[KAPDA]MyBB 1.1.7 ~ admin/global.php ~ XSS Attack
ORIGINAL ADVISORY: http://myimei.com/security/2006-08-17/mybb-117-adminglobalphp-xss-attack.html http://kapda.ir/page-advisory.html ——————-Summary—————- Software: MyBB Sowtware’s Web Site: http://www.mybboard.com Versions: 1.1.7 Class: Remote Status: Unpatched Exploit: Available Solution: Availab...
cwfm091.txt
+-------------------------------------------------------------------- + + Cwfm-0.9.1 Language Remote File Inclusion + + Original advisory: + + http://www.bb-pcsecurity.de/Websecurity/301/org/Cwfm-0.9.1LanguageRemoteFileInclusion.htm +...