Sandbox Multiple Remote Vulnerabilities
Sandbox is prone to multiple remote vulnerabilities, including multiple SQL-injection vulnerabilities, a local file-include vulnerability, and multiple arbitrary-file-upload vulnerabilities. Exploiting these issues could allow an attacker to upload and execute arbitrary code within the context of...
i-Gallery - Multiple Vulnerabilities
i-Gallery - Multiple Vulnerabilities ============================================================== i-Gallery --Multiple Vulnerability ============================================================== Name : i-Gallery --Multiple Vulnerability Date : july 9,2010 Critical Level :VERY HIGH vendor URL :...
Joomla Component (com_booklibrary) Remote File Include Vulnerablility
Exploit for php platform in category web applications ===================================================================== Joomla Component combooklibrary Remote File Include Vulnerablility =====================================================================...
i-Gallery - Multiple Vulnerabilities
============================================================== i-Gallery --Multiple Vulnerability ============================================================== Name : i-Gallery --Multiple Vulnerability Date : july 9,2010 Critical Level :VERY HIGH vendor URL : http://www.b-cp.com Author : ..::...
Stealing a MySQL Connection via Remote File Include.
0x001-Introduction 0x002-The mysqlclose function 0x003-Test scripts 0x004-Attack demonstration 0x001-Introduction This mini-article discusses how RFI (Remote File Include) can be used to steal a server-side web script's connection to the MySQL DBMS, and the subsequent injection of SQL code SQL...
Joomla Component com_mtree <= 1.0 Remote File Include Vulnerability
Exploit for php platform in category web applications =================================================================== Joomla Component commtree = 1.0 Remote File Include Vulnerability =================================================================== InformatioN Title : Joomla Mosets Tree =...
nuBuilder Local File Include and Cross Site Scripting Vulnerabilities
nuBuilder is prone to a local file-include vulnerability and a cross- site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...
i-Gallery Multiple Vulnerability
Exploit for php platform in category web applications ================================ i-Gallery Multiple Vulnerability ================================ ...
TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow
iSCSI target Multiple Implementations iSNS Stack Buffer Overflow TSL ID: FSC20100701-01 1. Affected Software iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior SCST project iscsi-scst 1.0.1.1 and prior tgt project tgt 1.0.5 and prior References: http://iscsitarget.sourceforge.net/...
NTSOFT BBS E-Market Professional Cross Site Scripting
+================================================================================================+ + NTSOFT BBS E-Market Professional & XSS and Remote Execution Evil code + +================================================================================================+ Authors: Ivan Sanchez...
Finding Vulnerabilities in Web Applications
In this article I have collected what are, in my view, interesting bugs in PHP scripts. But first, a description of some PHP interpreter settings: Quote: registerglobals = ON - all variables are registered as globals; magicquotesgpc = ON - in the POST, GET, COOKIE arrays, escaping is applied to quotes and dangerous...
DedeCmsV5. 6 local contains another use-vulnerability warning-the black bar safety net
Article author: jannock Continued local contains include/arc.datalist.class.php $codefile = isset$needCode ? $needCode : $cfgsoftlang; iffileexistsDEDEINC.'/ code/datalist.'.$ codefile.'. inc' requireonceDEDEINC.'/ code/datalist.'.$ codefile.'. inc'; Contains this file can contain . inc file type...
PHP Remote File Include Generic Code Execution
This module can be used to exploit any generic PHP file include vulnerability, where the application includes code like the following: This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PHP Remote...
The Matt Wright Guestbook.pl - Arbitrary Command Execution (Metasploit)
$Id: guestbookssiexec.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
PHP code execution vulnerability-summary-vulnerability warning-the black bar safety net
Reference from:http://php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/index.html A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1....
DEDECMS website management system plus/carbuyaction. php local include vulnerability-vulnerability warning-the black bar safety net
DedeCms is developed on PHP+MySQL and supports Windows, Linux, Unix and other server platforms. Since the first version was published in 2004, five major versions have been released so far. DedeCms in a simple, robust, flexible, open source several features occupied the...
PHPortal 1.2 - 'gunaysoft.php' Remote File Inclusion
Tilte: phportal1.2 gunaysoft.php Remote File Include Vulnerability Author..................: Ma3sTr0-Dz Location ...............: ALGERIA Software ...............: phportal1.2 Impact..................: Remote Advisory ...............: exploit-db.com Site Software ..........:...
PithCMS 'lang' Parameter Local File Include Vulnerability
PithCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the...
PithCMS <= 0.9.5 LFI Vulnerability - Active Check
PithCMS is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...