Directory traversal

Directory traversal vulnerability in ibrowser.php in the CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter. NOTE: some of these details are obtained from third party information...

CVE-2010-5281

CMScout 2.09 IBrowser TinyMCE Plugin 1.4.1 is affected by a directory traversal in ibrowser.php. When magic_quotes_gpc is disabled, an attacker can read arbitrary files by injecting a .. into the lang parameter. This is a true vulnerability with CVE-2010-5281 documented by NVD (base score 6.8, ve...

SocialCMS Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

e107 ibrowser.php zend_has_del() Function Remote Code Execution

The 'e107handlers/tinymce/plugins/ibrowser/ibrowser.php' script included with the version of e107 installed on the remote host contains a programming flaw that may allow an unauthenticated, remote attacker to execute arbitrary PHP code on the affected host, subject to the privileges of the web...

e107-GLOBALS-php.txt

!/usr/bin/php -q -d shortopentag=on ? printr' -------------------------------------------------------------------------------- e107 = 0.75 GLOBALS overwrite/ZendHashDelKeyOrIndex remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dork: "This site is...

e107 <= 0.75 (GLOBALS Overwrite) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================== e107 = 0.75 GLOBALS Overwrite Remote Code Execution Exploit ============================================================== !/usr/bin/php -q -d shortopentag=on ? printr'...