11 matches found
EUVD-2007-5859
Malware in sbrugna...
EUVD-2007-5274
Malware in sbrugna...
IDMOS 1.0 - site_absolute_path Multiple Remote File Inclusions
IDMOS 1.0 - siteabsolutepath Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/29868/info IDMOS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromis...
IDM-OS 1.0 - Filename File Disclosure
IDM-OS 1.0 - Filename File Disclosure --==+================================================================================+==-- --==+ idmos1.0 Remote File Discolousure Vulnerability +==-- --==+================================================================================+==-- Author: MhZ91...
CVE-2007-5889
CVE-2007-5889 describes PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha (aka Phoenix). The affected components are the admin-facing scripts (admin.php, menu_add.php, menu_operation.php) under the administrator/ path, where a URL passed to site_absolute_path can cause arbitrary PHP co...
CVE-2007-5889
Multiple PHP remote file inclusion vulnerabilities in IDMOS 1.0 Alpha aka Phoenix allow remote attackers to execute arbitrary PHP code via a URL in the siteabsolutepath parameter to 1 admin.php, 2 menuadd.php, and 3 menuoperation.php in administrator/, different vectors than CVE-2007-5294...
CVE-2007-5293
Multiple cross-site scripting XSS vulnerabilities in IDMOS 1.0-beta aka Phoenix allow remote attackers to inject arbitrary web script or HTML via the 1 errmsg parameter to error.php and the 2 content parameter to templates/simple/ia.php...
Remote file inclusion
PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta aka Phoenix allows remote attackers to execute arbitrary PHP code via a URL in the siteabsolutepath parameter...
CVE-2007-5294
PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta aka Phoenix allows remote attackers to execute arbitrary PHP code via a URL in the siteabsolutepath parameter...
CVE-2007-5294
PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta aka Phoenix allows remote attackers to execute arbitrary PHP code via a URL in the siteabsolutepath parameter...
CVE-2007-5294
CVE-2007-5294 affects IDMOS 1.0-beta (aka Phoenix); a PHP remote file inclusion flaw exists in core/aural.php that allows an attacker to execute arbitrary PHP code via a site_absolute_path URL parameter. The description confirms remote code execution via a crafted URL, but the connected documents...