8828 matches found
CRS Manager ($DOCUMENT_ROOT) Multi Remote File Include
X---- w w w . u N k n 0 w n . e u ----X CRS Managercrsmanager Multi Remote File Include ::Home: http://crsmanager.berlios.de ::Vuln Type : Remote File Include RFI ::Discovered by : iNs ::Vuln Code: index.php login.php ?php require $DOCUMENTROOT."/../admin/settings/conf.php"; PoC:...
phpreality-rfi.txt
|-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendor : http://phprealty.budissy.com/phprealty/v0.02/ | |...
Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/25575/info Pulsewiki and Pawfaliki are prone to a local file-include vulnerability because the software fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...
Claroline 1.x - adminadminusers.php?dir Cross-Site Scripting
Claroline 1.x - adminadminusers.php?dir Cross-Site Scripting source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the...
Claroline 1.x - '/admin/advancedUserSearch.php?action' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
Claroline 1.x - admincampusProblem.php?view Cross-Site Scripting
Claroline 1.x - admincampusProblem.php?view Cross-Site Scripting source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in...
Claroline 1.x - '/admin/adminusers.php?dir' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
Claroline 1.x - '/admin/campusProblem.php?view' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
someryc-rfi.txt
SomeryC = v0.2.4 Remote File Include Vendor: http://someryc.mostpopularcomic.com download http://someryc.mostpopularcomic.com/sC024.zip found by: Katatafish [email protected] d0rk: "powered by someryc" vuln-code/admin/system/include.php: if $start .... include"$skindir/header.php";...
SomeryC 0.2.4 - 'include.php?skindir' Remote File Inclusion
SomeryC = v0.2.4 Remote File Include Vendor: http://someryc.mostpopularcomic.com download http://someryc.mostpopularcomic.com/sC024.zip found by: Katatafish [email protected] d0rk: "powered by someryc" vuln-code/admin/system/include.php: if $start .... include"$skindir/header.php";...
CVE-2007-4536
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying 1 disclaimer.txt, 2 sponsors.txt, and 3 banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend...
Arcadem 2.01 - index.php Remote File Inclusion
Arcadem 2.01 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/25432/info Arcadem is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and t...
Note:the IIS under another dangerous ISAPI extension-a vulnerability warning-the black bar safety net
We first look at a report on the SSI: SSI what is the use? The reason you want to pull to the ssi, because shtml--server-parsed HTML of the acronym. Contains embedded server-side include command in the HTML text. In is transmitted to the browser before the server will SHTML document is completely...
mcLinksCounter 1.2 Remote File Include by iNs
App Name : mcLinksCounter 1.2 HomePage: http://www.phpforums.net Vuln type : Remote File Include RFI Vuln Discovered by : iNs BUG: on file stats.php ,login.php ,detail.php : include "$langfile"; PoC: http://www.site.com/path/stats.php?langfile=sH3lLz? iNs @ uNkn0wn.eu Gr33tz t0: uNkn0wn.eu - iD -...
Butterfly online vistors counter 1.08 RFI
App Name : Butterfly online vistors counter v.1.08 HomePage : http://www.phoenix.frihost.net/butterfly/readme.php Vuln type : Remote File Include RFI Vulnerability Discovered by : iNs Vuln Code: visitor.php includeonce $SERVER"DOCUMENTROOT" . "/butterfly/custom.php"; // include settings POC:...
dalai-rfi.txt
============================================================================================== Dalai Forum Remote File Inclusion Exploit =============================================================================================== DORK : "Dalai Forum"...
My_REFERER v.1.08 Remote File Include
App Name : MyREFERER v.1.08 HomePage : http://www.phoenix.frihost.net/referer/readme.php Vuln type : Remote File Include RFI Vulnerability Discovered by : iNs Vuln Code: login.php include"$value"; POC: htttp://site.com/path/login.php?value=SHELL.txt?? iNs @ uNkn0wn.eu Gr33tz t0: uNkn0wn.eu - iD -...
Dalai Forum 1.1 - 'forumreply.php' Local File Inclusion
source: https://www.securityfocus.com/bid/25361/info Dalai Forum is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...
Systme de vote en temps rel v1.0 Remote File include Bug
//////////////////////////////////////////// Systиme de vote en temps rйel v1.0 Remote File nclude Bug //////////////////////////////////////////// Author : CrackersChild //////////////////////////////////////////// Contact : [email protected] & http://karanliktaoynayanlar.com &...
systemedevote-rfi.txt
//////////////////////////////////////////// Système de vote en temps réel v1.0 Remote File İnclude Bug //////////////////////////////////////////// Author : CrackersChild //////////////////////////////////////////// Contact : [email protected] & http://karanliktaoynayanlar.com &...