75 matches found
Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion
Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion / Notes: globals bypass with a multipart/form-data POST PHP4 = 4.4.0 PHP5 = 5.0.5 http://www.hardened-php.net/globals-problem /str0ke / C Y BE R - W A R R i O R T I M mambo combabackup 1.1 Component mosConfigabsolutepath Remote File...
Mambo Component bigAPE-Backup 1.1 - Remote File Inclusion
/ Notes: globals bypass with a multipart/form-data POST PHP4 = 4.4.0 PHP5 = 5.0.5 http://www.hardened-php.net/globals-problem /str0ke / C Y BE R - W A R R i O R T I M mambo combabackup 1.1 Component mosConfigabsolutepath Remote File Inclusion Vulnerabilities Author: mdx Class : Remote cont@ct:...
Immunity Canvas: DOKUWIKI_EXEC
Name| dokuwikiexec ---|--- CVE| CVE-2006-2878 Exploit Pack| CANVAS Description| DokuWiki Spell Checker Embedded Link Arbitrary PHP Code Execution Notes| CVE Name: CVE-2006-2878 VENDOR: DokuWiki Repeatability: Infinite References: 'http://www.hardened-php.net/advisory042006.119.html' CVSS: 7.5 DOR...
FreeBSD : pear-XML_RPC -- remote PHP code injection vulnerability (e65ad1bf-0d8b-11da-90d0-00304823c0d3)
A Hardened-PHP Project Security Advisory reports : When the library parses XMLRPC requests/responses, it constructs a string of PHP code, that is later evaluated. This means any failure to properly handle the construction of this string can result in arbitrary execution of PHP code. This new...
Advisory 01/2006: PHP ext/session HTTP Response Splitting Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: PHP ext/session HTTP Response Splitting Vulnerability Release Date: 2006/01/12 Last Modified: 2006/01/12 Author: Stefan Esser [email protected] Application: PHP5 = 5.1.1...
Advisory 26/2005: TinyMCE Compressor Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: TinyMCE Compressor Vulnerabilities Release Date: 2005/12/29 Last Modified: 2005/12/29 Author: Stefan Esser [email protected] Application: TinyMCE Compressor = 1.0.5...
GLSA-200511-18 : phpSysInfo: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200511-18 phpSysInfo: Multiple vulnerabilities Christopher Kunz from the Hardened-PHP Project discovered that phpSysInfo is vulnerable to local file inclusion, cross-site scripting and a HTTP Response Splitting attacks. Impact : A...
Hardened-PHP Project Security Advisory 2005-21.81
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in phpSysInfo Release Date: 2005/11/13 Last Modified: 2005/11/12 Author: Christopher Kunz Application: phpSysInfo 2.4 and prior Severity: Cross-Site...
[SA17441] phpSysInfo "register_globals" Emulation Layer Overwrite Vulnerability
TITLE: phpSysInfo "registerglobals" Emulation Layer Overwrite Vulnerability SECUNIA ADVISORY ID: SA17441 VERIFY ADVISORY: http://secunia.com/advisories/17441/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Manipulation of data, Exposure of sensitive information WHERE: From remote...
[Full-disclosure] Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpMyAdmin Local File Inclusion Vulnerability Release Date: 2005/10/22 Last Modified: 2005/10/22 Author: Stefan Esser [email protected] Application: phpMyAdmin = 2.6.4-p...
[Full-disclosure] Advisory 11/2005: Multiple vulnerabilities in Contrexx
Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in Contrexx Release Date: 2005/07/21 Last Modified: 2005/07/18 Author: Christopher Kunz [email protected] Application: Contrexx 1.0.5 Severity: Cross-Site Scripting, SQL injection...
Hardened-PHP Project Security Advisory 2005-11.59
Hardened PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Multiple vulnerabilities in Contrexx Release Date: 2005/07/21 Last Modified: 2005/07/18 Author: Christopher Kunz Application: Contrexx 1.0.5 Severity: Cross-Site Scripting, SQL injection and information disclosure, passwo...
Advisory 10/2005: Yawp/YaWiki Remote URL Include Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: Yawp/YaWiki Remote URL Include Vulnerability Release Date: 2005/07/12 Last Modified: 2005/07/12 Author: Stefan Esser [email protected] Application: Yawp = 1.0.6 Severity...
GLSA-200506-21 : Trac: File upload vulnerability
The remote host is affected by the vulnerability described in GLSA-200506-21 Trac: File upload vulnerability Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the 'id' parameter when uploading attachments to the wiki or the bug tracking system. Impact : A remote...
PunBB 1.2.4 - 'id' SQL Injection
!/usr/bin/python | || | | | | | | | || || \ | |/ || '|/ |/ -| ' \ / -/ |||| /| || / ||||,||| ,|||||||,| || |||||| Proof of concept code from the Hardened-PHP Project -= PunBB 1.2.4 =- changeemail SQL injection exploit user-supplied data within the database is still user-supplied data import...