EUVD-2008-1085

Malware in sbrugna...

PT-2023-29084 · Unknown · Kc Group E-Commerce

Name of the Vulnerable Software and Affected Versions: KC Group E-Commerce Software versions through 20231123 Description: The issue affects the KC Group E-Commerce Software, allowing for Reflected XSS due to improper neutralization of input during web page generation. The vendor was contacted...

Yahoo Challenged on Claims Breach Was State-Sponsored Attack

As challenges mount against Yahoo’s attribution of a massive 2014 data breach to state-sponsored hackers, CISO Bob Lord yesterday confirmed that a cache of 200 million Yahoo accounts marketed this summer in an underground forum is unrelated to the breach. Speaking at the Structure Security...

GROUP-E head_auth.php远程文件包含漏洞

BUGTRAQ ID: 28024 CVECAN ID: CVE-2008-1074 GROUP-E是基于LAMP架构的企业协作软件。 GROUP-E的www/lib/headauth.php文件中没有正确地验证对CFGPREPENDFILE参数的输入，这允许攻击者包含任意本地或外部资源的文件。成功攻击要求打开了registerglobals。 GROUP-E GROUP-E 1.6.41 厂商补丁： GROUP-E ------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2008-1074

PHP remote file inclusion vulnerability in lib/headauth.php in GROUP-E 1.6.41 allows remote attackers to execute arbitrary PHP code via a URL in the CFGPREPENDFILE parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/headauth.php in GROUP-E 1.6.41 allows remote attackers to execute arbitrary PHP code via a URL in the CFGPREPENDFILE parameter...

CVE-2008-1074

CVE-2008-1074 affects GROUP-E 1.6.41, where lib/head_auth.php fails to validate CFG[PREPEND_FILE], enabling remote inclusion of arbitrary files and potential PHP code execution. Root cause: inadequate input validation for the PREPEND_FILE parameter leading to local/remote file inclusion. Impact: ...

CVE-2008-1074

PHP remote file inclusion vulnerability in lib/headauth.php in GROUP-E 1.6.41 allows remote attackers to execute arbitrary PHP code via a URL in the CFGPREPENDFILE parameter...

GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability

No description provided by source. ┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rise...

GROUP-E 1.6.41 (head_auth.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== GROUP-E 1.6.41 headauth.php Remote File Inclusion Vulnerability ==================================================================...

GROUP-E 1.6.41 - 'head_auth.php' Remote File Inclusion

???????????????????????????????????????????????????????????????????????????????? ?? C r a C k E r ?? ?? T H E C R A C K O F E T E R N A L M I G H T ?? ?????????????????????????????????????????????????????????????????????????????? ????? From The Ashes and Dust Rises An Unimaginable crack.... ?????...