CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

seebug.org•added 2008/12/09 12:0 a.m.•31 views

XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Publ...

Packet Storm•added 2008/12/09 12:0 a.m.•40 views

XOOPS 2.3.1 Local File Inclusions

Exploit DB•added 2008/12/08 12:0 a.m.•35 views

XOOPS 2.3.1 - Multiple Local File Inclusions

exploitpack•added 2008/12/08 12:0 a.m.•29 views

XOOPS 2.3.1 - Multiple Local File Inclusions

XOOPS 2.3.1 - Multiple Local File Inclusions Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Da...

Exploit DB•added 2008/12/04 12:0 a.m.•25 views

NPDS < 08.06 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/33051/info NPDS is prone to multiple input-validation vulnerabilities: - Multiple local file-include vulnerabilities - An HTML-injection vulnerability - Multiple SQL-injection vulnerabilities - Multiple cross-site scripting vulnerabilities Exploiting thes...

exploitpack•added 2008/12/02 12:0 a.m.•45 views

Fantastico - index.php Local File Inclusion

Fantastico - index.php Local File Inclusion source: https://www.securityfocus.com/bid/32578/info Fantastico is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...

seebug.org•added 2008/11/19 12:0 a.m.•25 views

Pluck CMS 4.5.3 (g_pcltar_lib_dir) Local File Inclusion Vulnerability

No description provided by source. Hello, bugtraq. Digital Security Research Group DSecRG Advisory DSECRG-08-039 Application: Pluck CMS Versions Affected: 4.5.3 Vendor URL: http://www.pluck-cms.org/ Bug: Local File Include Exploits: YES Reported: 25.08.2008 Vendor Response: 30.08.2008 Solution: Y...

securityvulns•added 2008/11/19 12:0 a.m.•63 views

[DSECRG-08-039] Local File Include Vulnerability in Pluck CMS 4.5.3

Hello, bugtraq. Digital Security Research Group DSecRG Advisory DSECRG-08-039 Application: Pluck CMS Versions Affected: 4.5.3 Vendor URL: http://www.pluck-cms.org/ Bug: Local File Include Exploits: YES Reported: 25.08.2008 Vendor Response: 30.08.2008 Solution: YES Date of Public Advisory:...

7AI score

Packet Storm•added 2008/11/19 12:0 a.m.•40 views

DSECRG-08-039.txt

exploitpack•added 2008/11/18 12:0 a.m.•27 views

Pluck CMS 4.5.3 - g_pcltar_lib_dir Local File Inclusion

Pluck CMS 4.5.3 - gpcltarlibdir Local File Inclusion Hello, bugtraq. Digital Security Research Group DSecRG Advisory DSECRG-08-039 Application: Pluck CMS Versions Affected: 4.5.3 Vendor URL: http://www.pluck-cms.org/ Bug: Local File Include Exploits: YES Reported: 25.08.2008 Vendor Response:...

Packet Storm•added 2008/11/18 12:0 a.m.•19 views

phpfan-rfi.txt

remote file include script: phpfan 3.3.4 download from:http://ishallnotcare.org/mint/pepper/tillkruess/downloads/tracker.php?url=http%3A//scriptsextra.ishallnotcare.org/phpfanbasic334.zip ............................................................................ vul: includeonce $includepath...

Exploit DB•added 2008/11/18 12:0 a.m.•50 views

Pluck CMS 4.5.3 - 'g_pcltar_lib_dir' Local File Inclusion

0day.today•added 2008/11/18 12:0 a.m.•31 views

Pluck CMS 4.5.3 (g_pcltar_lib_dir) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ===================================================================== Pluck CMS 4.5.3 gpcltarlibdir Local File Inclusion Vulnerability ===================================================================== Hello, bugtraq. Digital Security...

canvas•added 2008/11/13 11:30 a.m.•56 views

Immunity Canvas: JOOMLARSS_RFI

Name| joomlarssrfi ---|--- CVE| CVE-2008-5053 Exploit Pack| CANVAS Description| Joomla Simple RSS Reader Remote File Include Notes| CVSS: 10.0 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-5053 CVE Name: CVE-2008-5053...

10CVSS6.8AI score0.63276EPSS

Exploits2

securityvulns•added 2008/10/28 12:0 a.m.•37 views

bcoos 1.0.13 Remote File Include Vulnerability

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + + bcoos 1.0.13 Remote File Include Vulnerability + + + + Discovered by DeltahackingTEAM + + + + WwW.DeltaHacking.Net + + + + + + + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ AUTHOR :...

2AI score

Atlassian•added 2008/10/27 5:18 a.m.•22 views

Confluence administrators (who are not necessarily sys admins) can configure whitelist

A user who has the "Confluence Administrator" permission, but not necessarily the "System Administrator" permission, can configure the new URL whitelist for the HTML-include and RSS macros. Is this good enough, from a security point of view?...

2.2AI score

Exploits0Affected Software1

Packet Storm•added 2008/10/27 12:0 a.m.•21 views

bcoos-rfi.txt

seebug.org•added 2008/10/25 12:0 a.m.•39 views

phpGroupWare远程执行命令漏洞

由于它不正确的调用了include函数，可能允许包含远程的恶意文件，并导致在受影响主机上执行任意命令。（以web server运行权限，通常是'nobody'）由于phpGroupWare的库包含文件放在浏览器可访问的目录下，因此攻击者可以直接调用这些包含文件，由于其中的一个包含文件phpgw.inc.php是用include 函数时是通过变量完成的，用户可以通过Web接口定义这个变量的内容，导致远程主机上的文件可以被包含进来。如果攻击者设置一个有效的php文件，就可能在受攻击的主机上执行任意命令。有问题的代码部分，如下： include$phpgwinfo server...