8856 matches found
PHP-Nuke Dance Music Module - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/25806/info Dance Music is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view files and execute local scripts in the context of the...
PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability
Exploit for unknown platform in category web applications ========================================================== PHP-Nuke addon Nuke Mobile Entartainment LFI Vulnerability ========================================================== Nuke Mobile Entartainment AsbMay's Group ... Vuln. Code :...
phpsyncml <= 0.1.2 Remote File Include Vulnerabilities
No description provided by source. ======================================================================== || || || || || || || || || || || || ======================================================================== ======================================================================== phpsync...
phpsyncml <= 0.1.2 Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ====================================================== phpsyncml = 0.1.2 Remote File Include Vulnerabilities ====================================================== ======================================================================== ||...
phpsyncml-rfi.txt
======================================================================== || || || || || || || || || || || || ======================================================================== ======================================================================== phpsyncml = 0.1.2 Remote File Include...
Mambo / Joomla! Multiple Components 'mosConfig_live_site' Parameter Remote File Include
A third-party component for Mambo or Joomla! is running on the remote host. At least one such component is affected by a remote file include vulnerability due to improper sanitization of user-supplied input to the 'mosConfiglivesite' parameter before using it to include PHP code. Provided the PHP...
Coppermine Photo Gallery 1.4.12 - 'referer' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25698/info Coppermine Photo Gallery is prone to a cross-site scripting issue and a local file-include issue. Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary code, and retrieve arbitrary content within...
CARE2X php Integ Hospital Info System 2G Deployment 2.2 Multi Remote File Include
X---- w w w . u N k n 0 w n . e u ----X CARE2X php Integ Hospital Info System 2G Deployment 2.2 Multi Remote File Include ::Home: http://care2x.org/ http://sourceforge.net/projects/care2002/ ::Vuln Type : Remote File Include RFI ::Discovered by : iNs ::Vuln Code: /language/en/encopyrite.php ?php...
CRS Manager ($DOCUMENT_ROOT) Multi Remote File Include
X---- w w w . u N k n 0 w n . e u ----X CRS Managercrsmanager Multi Remote File Include ::Home: http://crsmanager.berlios.de ::Vuln Type : Remote File Include RFI ::Discovered by : iNs ::Vuln Code: index.php login.php ?php require $DOCUMENTROOT."/../admin/settings/conf.php"; PoC:...
phpreality-rfi.txt
|-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendor : http://phprealty.budissy.com/phprealty/v0.02/ | |...
Pulsewiki And Pawfaliki 0.5.1 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/25575/info Pulsewiki and Pawfaliki are prone to a local file-include vulnerability because the software fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...
Claroline 1.x - admincampusProblem.php?view Cross-Site Scripting
Claroline 1.x - admincampusProblem.php?view Cross-Site Scripting source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in...
Claroline 1.x - adminadminusers.php?dir Cross-Site Scripting
Claroline 1.x - adminadminusers.php?dir Cross-Site Scripting source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the...
Claroline 1.x - '/admin/adminusers.php?dir' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
Claroline 1.x - '/admin/campusProblem.php?view' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
Claroline 1.x - '/admin/advancedUserSearch.php?action' Cross-Site Scripting
source: https://www.securityfocus.com/bid/25521/info Claroline is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities. An attacker could exploit these issues to execute local script code in the context of the application and access sensitive data, which m...
someryc-rfi.txt
SomeryC = v0.2.4 Remote File Include Vendor: http://someryc.mostpopularcomic.com download http://someryc.mostpopularcomic.com/sC024.zip found by: Katatafish [email protected] d0rk: "powered by someryc" vuln-code/admin/system/include.php: if $start .... include"$skindir/header.php";...
SomeryC 0.2.4 - 'include.php?skindir' Remote File Inclusion
SomeryC = v0.2.4 Remote File Include Vendor: http://someryc.mostpopularcomic.com download http://someryc.mostpopularcomic.com/sC024.zip found by: Katatafish [email protected] d0rk: "powered by someryc" vuln-code/admin/system/include.php: if $start .... include"$skindir/header.php";...
CVE-2007-4536
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying 1 disclaimer.txt, 2 sponsors.txt, and 3 banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend...
Arcadem 2.01 - index.php Remote File Inclusion
Arcadem 2.01 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/25432/info Arcadem is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and t...