8850 matches found
HeffnerCMS 1.22 - index.php Local File Inclusion
source: https://www.securityfocus.com/bid/43006/info HeffnerCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...
SyndeoCMS Local File Include, Cross Site Scripting, and HTML Injection Vulnerabilities
SyndeoCMS is prone to a local file-include, a cross-site scripting, and an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Exploiting the local file-include issue allows remote attackers to view or execute local files within the context of the...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to (1) checkout2-CYM.php, (2) checkout2-EN.php, (3) checkout2-FR.php, (4) cat-FR.php, (5) cat-EN.php, (6) cat-CYM.php, (7)...
TBDev 2.0 - Remote File Inclusion / SQL Injection
source: https://www.securityfocus.com/bid/43004/info TBDev is prone to multiple input-validation vulnerabilities, including a remote file-include issue and an SQL-injection issue. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process,...
ccTiddly 'cct_base' Parameter Multiple Remote File Include Vulnerabilities
ccTiddly is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. ccTiddly 1.7.6 is vulnerable; oth...
TCMS - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/42766/info TCMS is prone to multiple input-validation vulnerabilities, including a local file-include vulnerability, a local file-disclosure vulnerability, multiple SQL-injection vulnerabilities, and multip...
TCMS - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/42766/info TCMS is prone to multiple input-validation vulnerabilities, including a local file-include vulnerability, a local file-disclosure vulnerability, multiple SQL-injection vulnerabilities, and multiple cross-site scripting vulnerabilities. An...
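Dedecms <= V5.6 Final Template Execution Vulnerability
Several files in Dedecms V5.6 Final have a series of problems. Carefully crafted template content containing malicious code can be uploaded through the attachment upload feature of the member back end, and SQL injection is then used to change the template path in the add-on table to the path of the template we uploaded. The template parsing class, include/incarchivesview.php, places no restrictions on the template path or name, so the malicious code is executed successfully. 1. The member/articleedit.php file (injection): // The vulnerability is widespread in the member folder. $dedeaddonfields is submitted by the user and can be forged; once forged it is carried into the SQL statement, so we can assign values to the contents of the add-on table with an UPDATE. … // Analyze and process the add-on table...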
Open-Realty 2.5.7 - Local File Disclosure
" sh.php"; ? include the image and sh.php will be generated. proceed with sh.php MAGICQUOTES must be 'off' and %00 must not be replaced with \0. / print "\n\n\n"; print "LFI discovery and implementation: Nikola Petrov [email protected]\n"; print "Date: 05.09.2009\n"; print "\n\n"; if$argc 5...
MailForm 1.2 Remote File Include Vulnerability
Exploit for php platform in category web applications. Exploit Title: MailForm Remote File Include Date: 14-8-2010 Author: LoSt.HaCkEr / aDaMTRoJaN Software...
PHP-Nuke-8.1-seo-Arabic Remote File Include Vulnerability
Exploit for php platform in category web applications. Exploit Title: PHP-Nuke-8.1-seo-Arabic Remote File Include Date: 12-8-20...
clearBudget 0.9.8 - Remote File Inclusion
Exploit Title: clearBudget v0.9.8 Remote File Include Date: 10/08/2010 Author: Offensive [email protected] Red-Stone On Community ! Software Link: http://www.clearbudget.net Version : v0.9.8 Tested on: Windows XP C0nditi0ns : PHP Version 4.x.x Expl0it...
Clearsite 'header.php' Remote File Include Vulnerability
Clearsite is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. OpenVAS Vulnerability Test $Id:...
ClearSite RFI Vulnerability (Aug 2010) - Active Check
ClearSite is prone to a remote file include (RFI) vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
clearBudget v0.9.8 RFI Vulnerability
Exploit for php platform in category web applications. Exploit Title: clearBudget v0.9.8 Remote File Include Author: Offensive email protected Red-Stone On Community ! Software Link:...
68KB v1.0.0rc4 Remote File Include Vulnerability
ccTiddly v1.7.6 Multiple Remote File Include Vulnerability
Exploit for php platform in category web applications...
68designs 68kb Multiple Remote File Include Vulnerabilities
68designs 68kb is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible. OpenVAS Vulnerability Test $Id:...
68designs 68kb Multiple RFI Vulnerabilities (Aug 2010) - Active Check
68designs 68kb is prone to multiple remote file include (RFI) vulnerabilities because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
68KB 1.0.0rc4 - Remote File Inclusion
Vendor: http://68kb.com download: http://github.com/68designs/68KB/downloads Author: eidelweiss Contact: g1xsystematwindowslive.com Original...