
723 matches found

0day.today
added 2011/12/22 12:0 a.m. · 18 views

WORK system 4.0.57 Remote File Includes Vulnerability

Exploit for php platform in category web applications. Exploit Title: WORK system 4.0.57 Remote File Includes Vulnerability Google Dork: "Worksystem Version 4.0.57" Date: 22/12/2011 Author: Dr.5RaB Software Link: http://sourceforge.net/projects/worksystem/files/latest/download Version: 4.0.57 Test...

7.1 AI score
Exploits: 0

Packet Storm
added 2011/10/20 12:0 a.m. · 18 views

Uiga Personal Portal Cross Site Scripting / Blind SQL Injection

Exploit Title: Uiga Personal Portal Multiple Vulnerability Date: 2011 Author: Eyup CELIK Version: All Version Tested on: All versions are Vulnerability Web Site: www.eyupcelik.com.tr ISSUE Blind SQL Injection and XSS can be done using the command input Vulnerable Page: index.php cart.php...

0.4 AI score
Exploits: 0

Prion
added 2011/09/24 12:55 a.m. · 10 views

Information disclosure

WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files...

5 CVSS · 6.6 AI score · 0.01229 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2011/09/24 12:0 a.m. · 15 views

CVE-2011-3792

Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functionsfeeds.php and certain other files...

6.1 AI score · 0.01229 EPSS
Exploits: 0 · References: 3

Debian CVE
added 2011/08/10 9:16 p.m. · 26 views

CVE-2011-3128

WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 treats unattached attachments as published, which might allow remote attackers to obtain sensitive data via vectors related to wp-includes/post.php...

5 CVSS · 5.4 AI score · 0.02448 EPSS
Exploits: 0

rdot
added 2011/07/22 12:0 a.m. · 114 views

[Note] SSI Web shell

1. Introduction In this note I will look at examples of using SSI, in particular for bypassing PHP restrictions. 2. Theory SSI (Server Side Includes) is a simple language for dynamically "assembling" web pages on the server from separate component parts and delivering them to the client...

7.2 AI score
Exploits: 0

exploitpack
added 2011/07/04 12:0 a.m. · 14 views

WeBid 1.0.2 - converter.php Remote Code Execution

WeBid 1.0.2 - converter.php Remote Code Execution checkmysql$res, $query, LINE, FILE; 157. $itemtitle = mysqlresult$res, 0, 'title'; Input passed through $REQUEST'auctionid' isn't properly sanitised before being used in the SQL query at line 154. - Vulnerable code to SQL injection works with...

8.1 AI score
Exploits: 0

Tenable Nessus
added 2011/06/29 12:0 a.m. · 47 views

Ubuntu 10.10 : linux vulnerabilities (USN-1160-1)

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. (CVE-2010-4529) Dan Rosenberg discovered that the CAN subsystem leaked kernel addresses into the /proc...

9.8 CVSS · 7.1 AI score · 0.04177 EPSS
Exploits: 25 · References: 43

ATTACKERKB
added 2011/06/08 3:55 p.m. · 2 views

CVE-2009-5077

CRE Loaded before 6.2.14 allows remote attackers to bypass authentication and gain administrator privileges via vectors related to a modified PHP_SELF variable, which is not properly handled by (1) includes/application_top.php and (2) admin/includes/application_top.php...

7.5 CVSS · 5.6 AI score · 0.01486 EPSS
Exploits: 1 · References: 2

Positive Technologies
added 2011/06/08 12:0 a.m. · 4 views

PT-2011-1331 · Cre Loaded · Cre Loaded

Name of the Vulnerable Software and Affected Versions: CRE Loaded versions prior to 6.2.14 Description: The issue allows remote attackers to bypass authentication and gain administrator privileges. This is related to a modified PHP_SELF variable, which is not properly handled by includes in the...

7.5 CVSS · 7 AI score · 0.01486 EPSS
Exploits: 1 · References: 2

Patchstack
added 2011/04/07 12:0 a.m. · 21 views

WordPress WPtouch Plugin <= 1.9.20 - XSS

Because of this vulnerability in lib/includes/auth.inc.php, attackers can inject arbitrary web script or HTML via the "wptouch_settings" parameter to include/adsense-new.php. Solution: Update the plugin...

4.3 CVSS · 2.7 AI score · 0.01901 EPSS
Exploits: 1 · References: 1 · Affected Software: 1

CVE
added 2010/12/07 1:0 a.m. · 118 views

CVE-2010-4257

CVE-2010-4257 is a SQL injection in WordPress up to version 3.0.2 affecting the do_trackbacks function in wp-includes/comment.php. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the Send Trackbacks field due to improper input sanitization. Related adviso...

6 CVSS · 7.8 AI score · 0.03139 EPSS
Exploits: 0 · References: 20 · Affected Software: 1

0day.today
added 2010/12/06 12:0 a.m. · 33 views

Wordpress function do_trackbacks() SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================== Wordpress function do_trackbacks() SQL Injection Vulnerability ============================================================== Description: SQL injection vulnerability in do_trackbacks...

7.1 AI score
Exploits: 0

0day.today
added 2010/12/06 12:0 a.m. · 28 views

Pulse CMS Basic Local File Inclusion Vulnerability

Exploit for php platform in category web applications ================================================== Pulse CMS Basic Local File Inclusion Vulnerability ================================================== I. DESCRIPTION --------------------------------------- A vulnerability exists in the...

7.1 AI score · 0.0263 EPSS
Exploits: 6

securityvulns
added 2010/11/04 12:0 a.m. · 93 views

Zen Cart 1.3.9h Local File Inclusion Vulnerability

Zen Cart 1.3.9h Local File Inclusion Vulnerability Name Zen Cart Vendor http://www.zen-cart.com Versions Affected 1.3.9h Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-11-03 X. INDEX I. ABOUT THE APPLICATION II...

0.2 AI score
Exploits: 0

Check Point Advisories
added 2010/07/07 12:0 a.m. · 2 views

Apache mod_include Buffer Overflow (CVE-2004-0940)

Apache HTTP server is the most widely deployed web server on the Internet. Apache HTTP server is capable of running on Microsoft Windows and a wide variety of Unix-like platforms. A vulnerability exists in the Apache web server's Server Side Includes (SSI) functionality. A specially crafted file ca...

6.9 CVSS · 7.4 AI score · 0.0483 EPSS
Exploits: 1

myhack58
added 2010/04/04 12:0 a.m. · 16 views

Analysis DEDECMS 5.5 datalistcp.class.php includes-vulnerability warning-the black bar safety net

Author:st0p Reprint please indicate the source http://www.st0p.org A long time ago just to see someone made the hole, always wanted to over write the analysis?, has recently been to stay in the UBUNTU install things.. Old forget it. Sometimes some friend add me teach him to find the hole and...

7.9 AI score
Exploits: 0

CVE
added 2010/02/22 9:0 p.m. · 47 views

CVE-2010-0678

The vulnerability CVE-2010-0678 affects Katalog Stron Hurricane 1.3.5 (and possibly earlier) via a PHP remote file inclusion in includes/moderation.php when register_globals is enabled. An attacker can supply a URL in the includes_directory parameter to execute arbitrary PHP code on the server. T...

6.8 CVSS · 7.9 AI score · 0.01823 EPSS
Exploits: 1 · References: 4 · Affected Software: 1

securityvulns
added 2009/12/09 12:0 a.m. · 111 views

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-095 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

10 CVSS · 1 AI score · 0.73694 EPSS
Exploits: 5

0day.today
added 2009/11/25 12:0 a.m. · 14 views

Power BB 1.8.3 Remote File Includes

Exploit for unknown platform in category web applications =================================== Power BB 1.8.3 Remote File Includes =================================== Sites : http://powerwd.net Download : http://www.phpexplorer.com/Goster/536 Download : http://sourceforge.net/projects/pbb/ Power B...

7.1 AI score
Exploits: 0