Обратный петь в директории PHPNuke/Gallery (directory traversal)

Обрытный путь в параметре include PHP-скрипта modules.php...

NSFOCUS SA2001-06 : Microsoft IIS ssinc.dll Buffer Overflow Vulnerability

NSFOCUS Security AdvisorySA2001-06 Topic: Microsoft IIS ssinc.dll Buffer Overflow Vulnerability Release DateЈє 2001-08-17 CVE CAN ID : CAN-2001-0506 BUGTRAQ ID : 3190 Affected system: ================ - Microsoft IIS 4.0 - Microsoft IIS 5.0 Impact: ========= NSFOCUS Security Team has found a buff...

Basilix Webmail 1.0 - File Disclosure

Basilix Webmail 1.0 - File Disclosure source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as...

Basilix Webmail 1.0 - File Disclosure

source: https://www.securityfocus.com/bid/2995/info Basilix is a web-based mail application. It offers features such as mail attachments, address book, multiple language and theme support. During operation, Basilix opens a PHP include file using a variable as the filename that can be supplied...

(SRADV00010) Remote command execution vulnerabilities in SquirrelMail

================================================= Secure Reality Pty Ltd. Security Advisory 10 SRADV00010 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in SquirrelMail Released 2/7/2001 Vulnerable Versions up to an...

CVE-2001-0043

phpGroupWare before 0.9.7 allows remote attackers to execute arbitrary PHP commands by specifying a malicious include file in the phpgwinfo parameter of the phpgw.inc.php program...

SRADV00006.txt

================================================= Secure Reality Pty Ltd. Security Advisory 6 SRADV00006 http://www.securereality.com.au ================================================= Title Remote command execution vulnerabilities in phpGroupWare Released 6/11/2000 Vulnerable Versions below...

ssibug

ssi server sides include is a cgi proggie that comes by default with thttpd web server, I am not sure about others. ssi has a nasty bug with regards to the PATHTRANSLATED env var. As you can see the contents of PATHTRANSLATED get copied into pathtranslated which get's fopen'ed later. It does no...

CVE-1999-0561

IIS has the exec function enabled for Server Side Include SSI files...

CVE-1999-0561

CVE-1999-0561 affects IIS where the #exec function is enabled for Server Side Include (SSI) files. The root cause is the SSI #exec handling, enabling potential command execution. Affected product: IIS; vulnerability details and exploitation status are not fully provided in the supplied documents....

The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include

The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

The Matt Wright Guestbook.pl 2.3.1 - Server-Side Include

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Matt Wright...

CVE-1999-0561

IIS has the exec function enabled for Server Side Include SSI files...

PT-1996-1019 · Sendmail · Sendmail

Name of the Vulnerable Software and Affected Versions: Sendmail affected versions not specified Description: The issue allows local users to write to a file and gain group permissions via a .forward or :include: file. Recommendations: At the moment, there is no information about a newer version...