AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution

AllMyLinks 0.x - footer.inc.php Arbitrary Code Execution source: https://www.securityfocus.com/bid/9664/info Reportedly the AllMyPHP applications AllMyGuests, AllMyLinks and AllMyVisitors are prone to a remote file include vulnerability. The issue is due to insufficient filtering of URI passed...

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion

VisualShapers EZContents 1.x2.0 - db.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/9638/info It has been reported that ezContents may be prone to a file include vulnerability in multiple modules. The problem reportedly exists because remote users may influence the...

phpscripts.txt

Informations : °°°°°°°°°°°°°° Website : http://www.phpscripts-fr.net Version : all Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° config/fonctions.lib.php dernierscommentaires.php admin.php ------------------------------------------------------------------ if !isset$rep $rep = './...

Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system. All...

Laurent Adda Les Commentaires 2.0 - PHP Script derniers_commentaires.php Remote File Inclusion

Laurent Adda Les Commentaires 2.0 - PHP Script dernierscommentaires.php Remote File Inclusion source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include...

HotNews 0.x - hotnews-engine.inc.php3?config[header] Remote File Inclusion

HotNews 0.x - hotnews-engine.inc.php3?configheader Remote File Inclusion source: https://www.securityfocus.com/bid/9357/info HotNews is prone to multiple file include vulnerabilities. This will permit remote attackers to cause malicious PHP scripts from attacker-controlled servers to be included...

easydynamic.txt

Producr:EasyDynamicPages v.2.0: Advanced Portal Management System Vendors:http://software.stoitsov.com Bug :include Risk:Cao Author:tsbeginnervnc Web : www.security.com.vn ------------------------------------- Introduction : system, personal or business site or what you need. The goal is to have ...

CVE-2003-0628

PeopleSoft Gateway Administration servlet gateway.administration in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include SSI files via an HTTP request with an invalid value...

CVE-2003-0863

The phpchecksafemodeincludedir function in fopenwrappers.c of PHP 4.3.x returns a success value 0 when the safemodeincludedir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP...

PT-2003-2139 · Phpkit · Phpkit

Name of the Vulnerable Software and Affected Versions: PHPKIT versions 1.6.02 through 1.6.03 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the contact email parameter in the include.php file. Recommendations: For PHPKIT versions...

Advanced Poll : PHP Code Injection, File Include, Phpinfo

Informations : °°°°°°°°°°°°° Language : PHP Product : Advanced Poll Version : 2.0.2 Textfile Website : http://www.proxy2.de Problems : - PHP Code Injection - File Include - Phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° comments.php :...

CVE-2003-0863

The phpchecksafemodeincludedir function in fopenwrappers.c of PHP 4.3.x returns a success value 0 when the safemodeincludedir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP...

CVE-2003-0863

CVE-2003-0863 affects PHP 4.3.x: php_check_safe_mode_include_dir returns success (0) when safe_mode_include_dir is not configured, differing from the prior failure and potentially enabling remote file include vulnerabilities in PHP applications. The applicable remediation cited in connected docum...

Simpnews include file Vulnerability

original File name : PUPET-simpnews.txt date releases : july 15, 2003 Informations : ========================= Advisory Name: Simpnews include file Vulnerability Author: PUPET [email protected] Discover by: PUPET [email protected] Website vendor : http://www.boesch-it.de/ Versions : tested on V2.01 -...

PHP-Include-Hack-Possibility in phpforum 2 RC-1

================================================ ------------------------------------------------ ------------www.bright-shadows.net------------ ------------------------------------------------ --------------theblacksheep&erik-------------- ------------------------------------------------...

phpBB 2.0.4 Remote php File Include Exploit

No description provided by source. // / phpBB 2.0.4 Remote AdminStyles.PHP ThemeInfo.CFG File Include / / / / Exploit made on June 2003 by Spoofed Existence / / / / Patch : http://www.phpbb.com/phpBB/viewtopic.php?t=113826 / // include stdio.h include sys/types.h include sys/socket.h include...

compaq.txt

SSI vulnerability in Compaq Web Based Management Agent ====================================================== Type of vulnerabilities: Server Side Include injection. Exploitable. Stack overflows and access violations. Exploitable? Creation of script objects. Exploitable? Affected Software: Compaq...

pMachine (PHP) : Include() Security Hole

Informations : °°°°°°°°°°°°° Language : PHP Version : Free 2.2.1 Website : http://www.pmachine.com Problem : Include Security Hole PHP Code/Location : °°°°°°°°°°°°°°°°°°° This will work if registerglobals is ON OR OFF. /pm/lib.inc.php : ------------------------------------------------------------...

pMachine.txt

Informations : °°°°°°°°°°°°° Language : PHP Version : Free 2.2.1 Website : http://www.pmachine.com Problem : Include Security Hole PHP Code/Location : °°°°°°°°°°°°°°°°°°° This will work if registerglobals is ON OR OFF. /pm/lib.inc.php : ------------------------------------------------------------...

CVE-2003-0224

Buffer overflow in ssinc.dll for Microsoft Internet Information Services IIS 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include SSI directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."...